This is a remote
Title: Information Security Engineer
Location: Herndon, VA or Remote from, TX, MD, FL, UT, CO, PA, NJ, SC, NC, DC, IL, GA, WA
Terms: Full-Time/Permanent
Citizenship: Due to federal regulations of our client's work all qualified candidates must be US ;
Position Overview:
This senior level position Information Security Engineer will serve as a member of the Information Security This individual will report to the Manager of Governance & Engineering and will need to be hands-on technically, be able to assess threats and risks, understand and design architectures, and provide guidance on technical security controls for on-premise and cloud environments. The ideal candidate will have a solid background in requirements development, security architecture, secure development operations, threat modeling, risk assessment, and compliance The ideal candidate will also have a solid background in multiple areas of information security and system/network This individual will also need to be able to work with leadership and technical staff to drive issues to
Responsibilities:
- Engage with engineers from infrastructure and development teams to develop, implement, and troubleshoot secure networking, architecture, and Conduct risk assessments, threat modeling, and oversee risk remediation
- Configure security controls to comply with NIST SP800-171 and NIST SP800-53
- Write control descriptions based on current architecture and propose remediation actions at the technical operational
- Perform hands-on maintenance and troubleshooting including installing and upgrading software, managing files, and configuring systems and
- Maintain and operate Windows hosts and security network active directory domain for FIM, SIEM, and audit logging systems
- Configure SIEM and FIM logging capabilities, including monitoring functions, establishing a baseline, and creating alerts based on audit
- Implement a Governance, Risk and Compliance tool to manage audits and assessment work, control implementation, policy and governance documentation, risk assessments, map controls/ policy/frameworks,
- Manage internal and external audits and
- Lead industry standard audits for certification (, SOC 2, ISO27001, Cyber Essentials, ).
- Represent the organization's security posture to external auditors, customers, and
- Create and update the organization s information security policies, standards, procedures, and guidelines
- Evaluate emerging trends and technology and work with technical teams to understand and prepare for a potential impact on the organization s information security
Requirements
Basic Qualifications:
- 7+ years of demonstrated IT Security engineering work experience providing guidance to project teams
- 5+ years of demonstrated TCP/IP network engineering and administration experience
- 5+ years of demonstrated Windows / Linux system engineering and administration experience
- Demonstrated experience working with secure-SDLC practices in a commercial environment utilizing agile and DevOps models
- Demonstrated experience in implementing technical security controls
- Demonstrated experience performing risk assessments and threat modeling
- Demonstrated experience in managing SIEM and FIM tools including configuring logging functions and troubleshooting issues
- Demonstrated experience in writing System Security Plans and POAMs
- Experience with conducting and managing audits and assessments
- Significant experience in working with ISO 27001/2, NIST 800-171, and NIST 800-53
- Demonstrated ability to understand and respond to complex business requirements
- Demonstrated ability in strong verbal and written communication skills to interface with technical and business stakeholders
- Significant experience working in Jira and Confluence
- Be able to pass background investigation to attain and maintain Trusted Role access to company systems
- Experience / familiarity with these networking technologies:
- Key network services including HTTP/SMTP/DNS and supporting technologies including web, domain and mail servers
- Encryption (IPSec/SSL/TLS)
- Network Security ( Firewalls, Network Access Controls, Proxies, SPAM/Phishing Prevention, etc)
Preferred Qualifications:
- CISSP and other technical certifications are a plus
- Event Tracker event audit logging system
- Tripwire file integrity management system
- Cloud computing and architecture
- Windows Domains and Active Directory
- End-point Protections (HIPS/HIDS)
- Web Application Programming (Java and related technologies)
- Knowledge and demonstrated experience designing multi-tier, highly available, multi-threaded, scalable
- Secure development frameworks ( OWASP SAMM, Microsoft Security Development Lifecycle, IBM Secure Engineering Framework, )
- Public Key Infrastructure (PKI)
- Identity Federation Technologies (SAML, )
- Business Continuity and Disaster Recovery planning
- SharePoint
- Data Loss Prevention (DLP)
- Data Labeling and Information Rights Management
- S/MIME-based Secure Email
- Windows Domains and Active Directory
- Identity Access Management (IAM)
Education:
- Bachelor s or master s degree from an accredited university in IT related discipline
Benefits
Health Insurance through Cigna
Dental Insurance through MetLife
VSP Vision Plan
4 Weeks of Paid Time Off (Vacation, Sick, Personal Time)
Holiday Break between Christmas and New Years
7 Federal Holidays
401K with generous company match
Tuition Reimbursement + additional continuing education benefits
Employee Referral Bonus
Health Savings Account (HSA)
Flexible Spending Account (FSA)
Short/Long Term Disability
Life Insurance Option
Pet Insurance
Legal Services
Identity Theft Protection
Basic Qualifications: 7+ years of demonstrated IT Security engineering work experience providing guidance to project teams 5+ years of demonstrated TCP/IP network engineering and administration experience 5+ years of demonstrated Windows / Linux system engineering and administration experience Demonstrated experience working with secure-SDLC practices in a commercial environment utilizing agile and DevOps models Demonstrated experience in implementing technical security controls Demonstrated experience performing risk assessments and threat modeling Demonstrated experience in managing SIEM and FIM tools including configuring logging functions and troubleshooting issues Demonstrated experience in writing System Security Plans and POAMs Experience with conducting and managing audits and assessments Significant experience in working with ISO 27001/2, NIST 800-171, and NIST 800-53 Demonstrated ability to understand and respond to complex business requirements Demonstrated ability in strong verbal and written communication skills to interface with technical and business stakeholders Significant experience working in Jira and Confluence Be able to pass background investigation to attain and maintain Trusted Role access to company systems Experience / familiarity with these networking technologies: Key network services including HTTP/SMTP/DNS and supporting technologies including web, domain and mail servers Encryption (IPSec/SSL/TLS) Network Security ( Firewalls, Network Access Controls, Proxies, SPAM/Phishing Prevention, etc) Preferred Qualifications: CISSP and other technical certifications are a plus Event Tracker event audit logging system Tripwire file integrity management system Cloud computing and architecture Windows Domains and Active Directory End-point Protections (HIPS/HIDS) Web Application Programming (Java and related technologies) Knowledge and demonstrated experience designing multi-tier, highly available, multi-threaded, scalable Secure development frameworks ( OWASP SAMM, Microsoft Security Development Lifecycle, IBM Secure Engineering Framework, ) Public Key Infrastructure (PKI) Identity Federation Technologies (SAML, ) Business Continuity and Disaster Recovery planning SharePoint Data Loss Prevention (DLP) Data Labeling and Information Rights Management S/MIME-based Secure Email Windows Domains and Active Directory Identity Access Management (IAM) Education: Bachelor s or master s degree from an accredited university in IT related discipline