drjobs Senior AWS Security Engineer

Senior AWS Security Engineer

Employer Active

1 Vacancy
drjobs

Job Alert

You will be updated with latest job alerts via email
Valid email field required
Send jobs
Send me jobs like this
drjobs

Job Alert

You will be updated with latest job alerts via email

Valid email field required
Send jobs
Job Location drjobs

Reston, VA - USA

Monthly Salary drjobs

$ 98124 - 166810

Vacancy

1 Vacancy

Job Description

*We are open to supporting 100 remote work anywhere within the continental US*

ICFs Digital Modernization Division is a rapidly growing entrepreneurial technology department. Our team is a leading provider of Digital Transformation services for Federal agencies. Our services focus on enabling agency mission and business transformation using industryleading lowcode platforms mobile applications robotics process automation and data analytics platforms. We are partnered with some of the worlds leading and most innovative companies like Salesforce ServiceNow Microsoft and UiPath. We focus on offering a full range of architecture and planning system implementation integration analytics and O&M for our customers.

We are seeking a Senior Security Engineer to support our Federal customers CIO Cyber Security organization and manage all vulnerability remediation activities including Binding Operational Directive (BOD) compliance.

Responsibilities:

  • Perform Security Impact Analyses on application releases and provide recommendations to federal leadership

  • Perform software vulnerability scans interpret the results and provide vulnerability mitigation recommendations

  • Support and develop analyses of alternatives and decisions on courses of action by providing security insights to project teams and federal leadership

  • Review and provide recommendations on requests for AWS policy changes

  • Work with development teams and other stakeholders to review code and accurately flag False Positives in SonarQube and improve the overall utility of the tool

  • Perform new software evaluation for cyber compliance and mitigation section 508 compliance and privacy reviews of the software for authorization Approved Software list.

  • The ability to write and review policy documentation based on industry standards.

  • Support regular updates to secure coding standards documentation and the ongoing assessment of the customer organization against the NIST Cyber Security Framework

  • Support Information Security Center vulnerability management groups by performing asset inventory secure configurations and continuous monitoring tracking and reporting and vulnerability service catalog.

  • Support Vulnerability Management activities related specifically to Cloud systems High Value Assets (HVAs) Mobile Device and Internet of Things (IoT) assets including testing certifying verification and authorization activities.

  • Based on your experiences and interests we may ask you as a technology professional to support growthrelated activities including (but not limited to) RFI RFP prototypes and oral presentations.

  • Team members are also expected to uphold and maintain appropriate certifications necessary for their practice expertise.

Basic Qualifications:

  • 4 years of Cyber/Network security management activities including developing writing and implementing procedures to ensure compliance with FISMA and NIST requirements 508 compliance and other Federal IT security management guidelines.

  • 3 years of experience with AWS Security

  • 3 years of Application Security experience

  • 3 years of experience with software vulnerability scanning tools such as Fortify WebInspect Qualys and SonarQube and familiarity of AWS policy.

  • 2 years of experience using SDLC Methodologies

  • Due to federal contract candidate must have been US Citizen or Green Card holder for 3 or more years.

  • Must be able to obtain Public Trust clearance.

  • MUST RESIDE IN THE United States (U.S. and the work MUST BE PERFORMED in the United States (U.S. as this work is for a federal contract and laws do apply.

Preferred Qualifications:

  • B.S. degree in Computer Science Engineering or similar discipline

  • 5 years of Cyber/Network security management activities including developing writing and implementing procedures to ensure compliance with FISMA and NIST requirements 508 compliance and other Federal IT security management guidelines.

  • Experience with OWASP Splunk Java SQL

  • Experience with DAST and SAST

  • Working Knowledge of CI/CD APIs and WAF

Working at ICF

ICF is a global advisory and technology services provider but were not your typical consultants. We combine unmatched expertise with cuttingedge technology to help clients solve their most complex challenges navigate change and shape the future.

We can only solve the worlds toughest challenges by building a workplace that allows everyone to thrive. We are an equal opportunity employer.Together our employees are empowered to share theirexpertiseand collaborate with others to achieve personal and professional goals. For more information please read ourEEOpolicy.

Reasonable Accommodations are available including but not limited to for disabled veterans individuals with disabilities and individuals withsincerely heldreligious beliefs in all phases of the application and employment process. To requestan accommodationplease emailand we will be happy toassist. All information you provide will be kept confidential and will be used only to the extentto provide needed reasonable accommodations.


Pay Range There are multiple factors that are considered in determining final pay for a position including but not limited to relevant work experience skills certifications and competencies that align to the specified role geographic location education and certifications as well as contract provisions regarding labor categories that are specific to the position.

The pay range for this position based on fulltime employment is:

$98124.00 $166810.00

Nationwide Remote Office (US99

Required Experience:

Senior IC

Employment Type

Full-Time

Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.