HBSS/ENS Engineer
CARSON SOLUTIONS LLC · Annapolis Junction, MD · 1 mo ago
On-siteEngineeringFull-time
Responsibilities
- Provide continuous upkeep, monitoring, analysis, and response to Information System, network and security events using Endpoint Security tools such as TRELLIX ePO and Microsoft Defender.
- Implement and maintain Security Technical Implementation Guides (STIGs) on Endpoint Security Tools.
- Conduct regular STIG compliance checks using tools like SCAP Compliance Checker and STIG Viewer.
- Document STIG configurations and remediation actions to ensure audit readiness.
- Manage and deploy operating systems and application patches in accordance with federal patch management policies.
- Cook up patch schedules to minimize operational impact while meeting compliance deadlines.
- Verify patch deployment success and troubleshoot any issues arising from updates.
- Harden systems by applying best practices and federal security guidelines to reduce attack surfaces.
- Maintain configuration baselines and ensure systems adhere to DoD and NIST standards.
- Support incident response by participating in internal/external security audits/inspections; performing risk assessments and Continuous Monitoring.
- Aid in identifying and responding to security incidents related to vulnerabilities or misconfigurations.
- Document incidents and contribute to after-action reports for continuous improvement.
- Collaborate with system administrators, engineering staff, and compliance teams to ensure cohesive security operations.
- Prepare detailed reports and briefings for federal clients on STIG compliance, patching status, and vulnerability management efforts.
- Develop, implement, and enforce Information Security Policies and Procedures.
Qualifications
- BS bachelor’s degree with 12+ years’ of Information Assurance experience.
- Specific experience, education and training may be considered in lieu of degree.
- A Current DoD 8570 baseline certification.
- An Active HBSS 301 Certification.
- An Active DoD TS/SCI/FS Poly clearance.
- Understanding of the Risk Management Framework (RMF), NIST, ICD, and CNSS standards.
- Familiarity with network technologies (LAN & WAN) and best practices within a classified environment to include crypto and key management.
- STIG compliance, SCC and STIG Viewer experience, and ACAS expertise.
- Advanced knowledge with Microsoft Windows, Linux, and system virtualization in a secure network environment.
- Ability to work in a constantly changing regulatory environment with short-, mid-, and long-term timelines for remediating any non-compliance.
- Good writing and verbal presentation skills.