Security Engineer
Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
At DYOPATH we believe that work should be more than just a job it should be a passion. As a dynamic forward-thinking Managed Service Provider (MSP) we are dedicated to empowering organizations with reliable and innovative IT solutions. Guided by our core values of accountability excellence and exceptional customer service we cultivate a culture of creativity passion and bold communication. Our team is driven by a shared commitment to sustainability and delivering meaningful results that help our clients thrive.
We are hiring for a remote Information Security Engineer!
At DYOPATH were not just another IT company were apeople-firstorganization committed to building a collaborative creative and inclusive work culture. Weve been recognized as aGreat Place to Workfor four years running and we want YOU to be part of our award-winning team!
Why DYOPATH
- People-First Culture: We value collaboration creativity and making sure every team member feels supported and appreciated.
- Do the Right Thing:Integrity and honesty are at our core. Youll be part of a team that embraces accountability and always strives to do whats right.
- Amazing Benefits:
- Medical Dental Vision and Life Insurance
- 401(k) with company match
- Paid Time Off
- Paid Holidays
- Flexible Spending Account (FSA) and Health Savings Account (HSA)
- Pet Insurance (because we know pets are family too!)
- And more! Check out our full benefits available athttps:// Details:
- Position: Security Engineer
- Pay: up to $110K
- Location: Remote
What are some of your Must Have Qualifications for this position
- CISSP certification current and completed
- Microsoft Certified Security Operations Analyst Associate
- U.S. Citizen able to obtain a security clearance (public trust level 5)
- Experience in a Federal Azure Cloud environment
- Familiar with the following security tools: Azure Sentinel Azure Log Analytics Microsoft Defender BURP SQL Databases
- Experience with PowerShell
- Individual will be required to obtain a Secret Security Clearance prior to starting position
- Bachelors Degree in Information Systems Management Information Systems or a related field; knowledgeable of operating systems LANs and WANs/MANs; demonstrated knowledge and experience with applicable security regulations and standards; applicable active security clearances and/or security certifications required
What will you be doing as an Information Security Engineer
You will be providing security support for a government client on EST for a wide variety of applications. You will possess strong technical analytical interpersonal and organization skills.
You will:
- Ensure all applications are configured and maintained based on FISMA Standards.
- Complete Security Scans of the applications and deliver reports based on the scans. Update POAMs based on the scans and issues resolve/implement and/or work with the IT team to address issues/vulnerabilities identified.
- Complete Annual Security Review Coordinate complete and deliver the annual security review. Test controls and complete updates as required based on the review. Deliver evidence and reports as required.
- Complete Annual Contingency Plan Test Coordinate complete and deliver the annual Contingency Plan Test.
- Maintain/update Security Documentation; respond to Security questions/issues.
- Prepare and deliver required FISMA Documentation i.e. System Test Plan Risk Assessment Policies Configuration Management Plan Contingency Plan etc. for recertification.
- Work with a 3rd party vendor designated by the client to complete scans of the applications work with vendor to complete the System Test and Evaluation of the applications. This involves completing a review of the Security Controls and providing evidence that the control has been implemented on the applications.
- Review existing C&A paperwork respond to questions on C&A paperwork submitted resolve or make recommendations on how to address issues identified and provide additional information/evidence as required. Update or create C&A documents as required based on client policies and FISMA requirements.
- Subject Matter Expert on Security policies and responsibilities Respond to questions and/or provide guidance on security policies issues or questions that are identified. Ensure that we are meeting security requirements as defined by client policies and FISMA/NIST standards.
- Review system changes and determine security impact and provide guidance and/or complete changes required to the existing paperwork or system as required.
- Ensure compliance with appropriate security standards and regulations.
- Implement/make recommendations to meet new security policies/requirements.
- Translate DoD federal state and organizational compliance requirements into documented processes procedures guidelines and standards.
- Conduct analysis of system designs processes and procedures to document the applicable security controls in accordance with National Institute of Standards and Technology (NIST) 800-53 guidelines and requirements.
- Exhibit strong writing and editing skills as well as the ability to work closely with all business areas to develop new and existing documentation
- Aggregate parse rearrange and revise current documentation according to security requirements new standards and formats; Review vendor documentation for relevant content to aid in development of processes procedures standards and guidelines;
- Create new documentation for processes procedures training materials user guides web-based content release notes internal and external presentations etc.
- Document and implement a continuous monitoring strategy based on FISMA requirements.
- Use Azure Sentinel Log Analytics and Microsoft Defender to monitor Azure logs and identify risks in real time.
- Write Kusto Query Language (KQL) queries for Azure Log Analytics and Azure Sentinel
- Create and modify Azure Sentinel Workbooks Hunting Queries and Analytics Rules using KQL.
- Interpret web traffic data from cloud-based firewalls (e.g. CheckPoint Security Gateway Azure App Gateway Web App Firewall) to identify risks and recommend configuration or rule changes.
- Work with a technical team to evaluate Microsoft Defender for Cloud configuration recommendations based on NIST 800-53 r5 blueprints and establish technical requirements.
- Familiar with Security policies and practices within the Federal Government cloud environment.
- Familiar with FedRAMP requirements.
- Familiar with security industry best practices and standards such as:
- SANs 18
- OMB M-21-31 Logging requirements
- Zero Trust in Azure
- DISA SITG requirements for Windows Virtual Machines
- Microsoft Purview for data governance
- TIC 3.0 Logging requirements
Ready to Join Us
If youre ready to make an impact grow your career and join a team that truly values youAPPLY NOW and lets secure the future together!
Equal Opportunity Employer
DYOPATH is committed to a work environment free of all forms of discrimination. DYOPATH recruits and hires without regard to age color disability gender gender identity genetic information marital status military status national origin race religion sexual orientation veteran status or any other legally protected characteristic. For more information about DYOPATH please visit our website . The above information has been designed to indicate the general nature and level of work performed by employees in this classification. It is not designed to contain or to be interpreted as a comprehensive inventory of all duties responsibilities and qualifications required of the employee assigned to this job.
Employment Type
Full Time
