Security Engineer
Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
$ 90000 - 115000
1 Vacancy
Job Description
Join us at Sparksoft where were not just another tech companywere a catalyst for change. Our mission isnt just to offer IT solutions; its to revolutionize the way you work. Here passion isnt just a buzzword; its the fuel behind groundbreaking ideas and transformative technologies. We serve a wide range of government clients delivering impact thats felt across the nation.
Our true strength lies in our people. Theyre the problem-solvers and innovators consistently delivering extraordinary outcomes. With Sparksoft youre not stepping into a routine job; youre joining a team committed to innovation and excellence. Our innovation extends beyond just delivering projects. Through our specialized Innovation Centers we continuously refine our methods ensuring we remain industry leaders.
We are Sparksoft!
ROLE & RESPONSIBILITIES:
- This position will be responsible for developing security reports security recommendations and security policies and procedures that are meaningful defensible and actionable for a variety of audiences as pertained to assigned business units.
- Monitor and analyze security events and alerts to identify potential threats and vulnerabilities.
- Provide support to end users with applications and systems managed by the organization ensuring they can perform their assigned duties
- Write reports on security incidents user access issues and compliance with security policies.
- Implement the concepts of least privilege and need-to-know to ensure that users have appropriate access to resources.
- Assist users requiring access to protected resources including managing user accounts.
- Participate and be an integral component of audit compliance and regulatory functions including and not limited to; audits of system security to ensure compliance with corporate security framework NIST 800-53 ISO 27001
- Primary POC in a vulnerability management program of the account that includes:
- External and internal vulnerability scans of applications and systems
- External and internal penetration tests of applications and systems
- Documentation and remediation of identified vulnerabilities and exploits
- Routinely monitoring various communication avenues for security vulnerabilities and security patches
- Taking a risk-based approach comparing those security vulnerabilities and security patches across the operating environments.
- Making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities.
- Conduct yearly IT Security training for the entire company.
- Stay informed about the latest security trends threats and best practices to continuously improve security measures.
REQUIRED EXPERIENCE:
- Minimum of Five (5) Years of experience in IT Security
- Knowledge and understanding of security controls across all security domains such as access management encryption vulnerability management authentication authorization network security physical security etc.
- Ability to identify security risks in application system and network architecture data flow and processes or procedures.
- Ability to assess the organizational impact of identified security risks and recommend solutions or mitigating controls.
- Knowledge of security technologies devices and countermeasures as well as the threats they are designed to counter.
- Experience with developing security reports recommendations policies and procedures that are meaningful defensible and actionable for a variety of audiences.
- Familiarity with more than one framework (NIST 800-series ISO 27000-series ISO HIPAA HITRUST FISMA FedRAMP other common security control frameworks).
- Experience in SharePoint Workflows and security is a plus
- Communication skills (interpersonal verbal presentation written email).
- Experience to write report segments and to participate in presentations.
- Positive attitude collaborator self-starter; takes initiative ability to work independently and effectively with all levels of staff and management both internally and externally.
- Candidates must be able to obtain and maintain a Public Trust clearance.
- Candidates must have lived in the United States 3 out of the past 5 years.
PREFERRED EXPERIENCE:
- Significant understanding of NIST Risk Management Framework and Information Security Risk Management methodologies.
- Ability to understand develop and socialize security policies standards and procedures.
- Proficiency with security controls for cloud environments (Azure and AWS) including FedRAMP requirements.
- Experience in risk management compliance audit or third-party assessments.
EDUCATION & CERTIFICATIONS:
- Bachelors Degree in System Engineering Computer Science Information Systems or related discipline from an accredited college or university is required.
- 5 years of prior relevant experience. *5 years of additional SE experience may be substituted for a bachelors degree.
- CIPP CRISC CISA CISSP CISM ISO or any security/IT audit certification.
The pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. In addition to our competitive base pay Sparksoft offers health insurance paid time off 401K matching and training. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data or other laws.
Maryland Pay Range
$90000 - $115000 USD
If you need accommodation seeking employment with Sparksoft Corporation please email or call . Accommodations are made on a case-by-case basis.
At Sparksoft Corporation we take security and protection of personal information very seriously. We will never ask you to send private personal information over email. Accordingly we ask you to immediately contact our security team via email at upon receiving a suspicious request.
Employment Type
Full Time
