Apex Systems Inc., is immediately seeking an Information Systems Security Engineer (IA 3/4)
who is a self-starter, highly organized, has a strong drive for quality, and eagerness to learn/grow. This position will support one of our highly-regarded clients in the government arena, and offer a strong upside for growth within the organization. The qualified applicant will have worked in SCIF facilities in the past, and have a strong understanding/background in NIST & RMF. The selected candidate will also demonstrate hands-on experience with STIGs, Splunk, Nessus/Security Center, ACAS, Patch Management & Vulnerability remediation, as well as creating & executing against POA&Ms.Client:
Enterprise Government Integrator Location:
Linthicum, MD Compensation:
Competitive based on years of relevant experience & education Clearance:
Able to maintain a DoD Secret clearanceDescription of Work:
- Designs, tests, and implements state-of-the-art secure operating systems, networks, and database products
- Conducts risk assessment and provides recommendations for application design
- Participate in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access
- Uses encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research; and may prepare security reports to regulatory agencies
- Ensures systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the security plan
- Ensures that all users have the requisite security clearances, authorization, and need-to-know, and are aware of their security responsibilities before granting access
- Ensures that all systems/network are compliant and in scope of current accreditation
- Evaluates proposed changes or additions to the information system, and advises the Information Systems Security Manager (ISSM) of their security relevance
- Create and maintain Plan of Action and Milestones (POAM) or Risk Acceptance Letters (RALS)
- Participate in internal / external security audits/inspections
- Conduct vulnerability, and risk mitigation in accordance with RMF & DoD JSIG standards
- Splunk utilization to include managing/maintaining indexers, search heads and deployment servers, creating and maintaining dashboards for users, creating custom extracts/regular expressions, and Splunk Query Language. Plus the ability to deploy new Splunk servers.
- Manage End Point Protection systems & software (McAfee EPO, Forcepoint DLP, Carbon Black, etc).
- Active DoD Secret clearance w/ adjudicated PR in the past 5 years
- Bachelor's Degree with 5-9+ years of experience; or 14+ years of relevant work experience in lieu of degree. Degree must be in a Computer Sciences, Cybersecurity, Management Information Systems, or related field.
- DoD 8570 Compliant, IAM Level III; Must have one of the following: Security+ CE, CISSP, CISM, CASP+CE, CSSLP
- Must have an active CISSP certification
- 4-7+ years of past experience in an Security Engineer/ISSE role or similar joint responsibilities
- Experience with SCIF/SAPF/Secured environments
- Reviews and supports certification and accreditation documentation within NIST & RMF
- Able to generate system or network designs that encompass multiple enclaves, including those with different data protection or classification
- Understands vulnerability, and risk mitigation in accordance with RMF & DoD JSIG standards
- Experience with Splunk to include managing/maintaining indexers, search heads and deployment servers, creating and maintaining dashboards for users, creating custom extracts/regular expressions, familiarity with Splunk Query Language. Ability to deploy new Splunk servers.
- Familiarity with DoD STIGs, deploying new STIGs & working with IT/IA to develop POA&Ms for vulnerabilities that cannot be mitigated or STIG settings that cannot be applied
- Experience with deploying and maintaining Tenable Security Center/Nessus Scanner.
- Ability to manage End Point Protection systems & software (McAfee EPO, Forcepoint DLP, Carbon Black, etc).
- Ability to analyze vulnerability/patch scan results. Prioritize patch application and vulnerability mitigation.
- Experience with Sentris (Initial deployment, maintenance & upgrades. Ability to troubleshoot user issues and manage changes to security classifications)
- Knowledge of Windows security / group policy and Cisco networking
- Familiarity with Windows & Linux Operating systems
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at firstname.lastname@example.org