looking for an Information Security Engineer to work with one of its key government clients. This is a broad role that will cover many areas in Information Security, Information Risk, and Compliance. Primary responsibilities include performing security assessments and application code reviews, coordinating vulnerability remediation activities, assessing new technologies for security impacts, and management of compliance deliverables.
o Maintain FISMA required System Security Plan and associated compliance artifacts.
o Conduct architecture reviews and security impact assessments for technology and software development initiatives.
o Coordinate application and infrastructure risk mitigation and vulnerability remediation activities.
o Assess in-house developed software for vulnerabilities.
o Support 3rd party assessment activities.
o Ability to effectively communicate with technical and business audiences. Job Requirements
o Work Experience: 8 years of experience working in technical information security and risk management roles.
o Education: Bachelor’s degree in a technology field, Master’s degree preferred.
o Certifications Desired: CISSP, CEH
o Prior experience to include:
o Managing/maintaining FISMA compliance for a government information system in accordance with requirements from NIST.
o Experience working directly with external clients, business leadership, and auditors.
o Hands-on technical background, to include familiarity with servers, network devices, and security systems.
o Working knowledge of SIEM systems (Splunk) a plus.
This position requires that the successful candidate must be a lawful permanent resident or US Citizen and pass an extensive background check.