Our Partner is looking for an
Information Systems Security Engineer to join a fast-paced DEVOPS, Cyber Security, and Engineering support environment. Candidate must have a familiarity with the Assessment and Authorization (A&A) process and the Risk Management Framework (RMF), ability to research, translate, and help communicate risk information to the project teams and sponsors. Work with client stakeholders to provide input and best practice recommendations to inform decision making on security solutions. Implement and support client-based security mitigations and solutions. The position will collaborate with other ISSEs and project teams to maintain ATOs and practice continuous monitoring across systems to ensure strong security posture. Candidate must be able to analyze system configurations, scan results, and audit logs to meet sponsor compliance requirements and identify vulnerabilities and issues. The ideal candidate will have demonstrated experience supporting systems to policy compliance as well as ConMon requirements such as quarterly scanning, privileged user reporting, POAM management, and audit. The position requires a team player with good communication and documentation skills.
Requirements - TS/SCI FSP Clearance
- CISSP, CEH, CISM, or similar industry certification preferred
- Ability to develop, maintain, and help submit A&A packages in accordance with the ICD 503 Rev. 4 policy and RMF
- Experience performing security engineering tasks and risk analysis on cloud-based systems
- Ability to help provide proper guidance for the application of security controls across the full OSI model stack
- Knowledge of gathering bodies of evidence (BOE) and artifacts for security packages
- Perform system analysis, system audits, system monitoring, security control assessment/testing, risk management
- Experience reviewing vulnerability and compliance reports utilizing OS, Web, and DB scanning tools
- Experience with auditing and monitoring systems utilizing various tools, such as Splunk or similar metrics solutions
- Ability to perform continuous security monitoring and develop strategies for remediation
Desired Skills - Experience working with sponsor cyber assessment team on system assessments
- Experience working in the intelligence community
- Experience with the sponsor's security tracking applications
- Experience reporting on status to stakeholders on security-related tasks and issues
- Demonstrated experience performing continuous security monitoring and developing strategies for remediation
- Demonstrated experience assisting with the design, engineering, and development of highly secure systems built upon Amazon Web Services
- Experience with MFA and ZTA environments
About Us For more than 20 years, NewGen Technologies has solved our clients' toughest IT challenges with integrity, security, and outstanding service by delivering both technology and talent. We have helped secure borders, have used artificial intelligence (AI) to fight terror, aided the identification of criminals, and have helped to prevent crime through the introduction of biometrics. Our team of Highly Cleared Specialists have hard-to-find skills and expertise in a wide spectrum of technologies to provide solutions that transform business processes and solve problems of national significance. #CJ
Never miss an opportunity! Create an alert based on the job you applied for.
