Cyber Security InfoSec Engineer - SME
Convirgence · Herndon, VA · 33 mo ago
Information TechnologyFull-time
About the role
A Cyber Security InfoSec Engineer supporting the customer will provide both critical support in addressing complicated security-related issues and exceptional customer service. In this role, a typical day will include:
- Working as part of a motivated, high-performing team
- Resolving critical security-related issues that negatively impact the customer’s mission
- Collaborating with teammates and government customers to identify process improvements
- Providing technical and programmatic Information Assurance Services to internal and external customers in support of network and information security systems
- Designing, developing and implementing security requirements within an organization’s business processes
- Providing technical and policy interpretation and guidance regarding information security issues in support of ICD 503 accreditation activities
- Ensuring that operational security for cloud solutions is maintained for information systems
- Developing and maintaining A&A documentation (SSP, Security Test Procedures, Security Controls Traceability Matrix, etc.) and conducting periodic reviews to ensure compliance attained ATO in full cloud implementation
- Providing technical direction in implementing defense in depth strategies for sensitive workloads
- Identifying deficiencies/weaknesses discovered in customer’s systems and recommending corrective actions to address identified vulnerabilities and non-compliance of systems, including infrastructure
- Utilizing applications and AWS services to support audit and continuous monitoring functions to ensure the security posture of the system
- Performing insider threat mitigation, and aligning to NIST standards
Responsibilities
As a Cyber Security InfoSec Engineer supporting the customer, you will be trusted to provide both critical support in addressing complicated security-related issues and exceptional customer service. In this role, a typical day will include:
- Working as part of a motivated, high-performing team
- Resolving critical security-related issues that negatively impact the customer’s mission
- Collaborating with teammates and government customers to identify process improvements
- Providing technical and programmatic Information Assurance Services to internal and external customers in support of network and information security systems
- Designing, developing and implementing security requirements within an organization’s business processes
- Providing technical and policy interpretation and guidance regarding information security issues in support of ICD 503 accreditation activities
- Ensuring that operational security for cloud solutions is maintained for information systems
- Developing and maintaining A&A documentation (SSP, Security Test Procedures, Security Controls Traceability Matrix, etc.) and conducting periodic reviews to ensure compliance attained ATO in full cloud implementation
- Providing technical direction in implementing defense in depth strategies for sensitive workloads
- Identifying deficiencies/weaknesses discovered in customer’s systems and recommending corrective actions to address identified vulnerabilities and non-compliance of systems, including infrastructure
- Utilizing applications and AWS services to support audit and continuous monitoring functions to ensure the security posture of the system
- Performing insider threat mitigation, and aligning to NIST standards
Requirements
- REQUIRED QUALIFICATIONS: Education - Bachelor’s degree in Computer Science, Engineering, or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience. 16 years of related experience.
- TECHNICAL SKILLS: Well-versed in AWS technologies and architecture; Ability to convey technical information to non-technical individuals; Ability to work in a dynamic and challenging environment; Strong oral and written communications and interpersonal skills; Experience working with Xacta 360; Experience working with scanning tools such as Nessus, AppDetective, and WebInspect; Demonstrated ability to multi-task and work independently; Self-starter.
- DESIRED CERTIFICATIONS: AWS Certified Solutions Architect Associate; Certified Ethical Hacker (CEH); EC-Council ITIL Certificate – Foundation Certificate in IT Service Management; Certified Information System Security Professional (CISSP)