Information Systems Security Engineer

Gridiron IT
Washington, DC
Nov 17, 2022
Nov 30, 2022
Full Time
*Years of Experience: *7+ yearsAs an Information System Security Engineer (ISSE), the Cybersecurity Engineer's role is to conduct information system security engineering activities, confirm that information security requirements are effectively implemented throughout the security architecting, design, development, configuration, and implementation processes.The ISSE will perform research system computer security, system exploitation, penetration testing, and software security assessment for applications. Responsible for capturing and refining information security requirements. Serve as an integral part of the development team designing and developing organizational information systems or upgrading legacy systems. Employs best practices when implementing security requirements within an information system including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques. Insures (IDAM) Software Integration policy and oversight including: Username/password and PKI authentication, security access controls, limiting user access to any data at or below the security level assigned to the user's account, Monitor and restrict all network traffic, Encrypt all mission data at rest and in transit, require and force all data to be appropriately tagged in accordance with department guidance.Prepare SSPs, Risk Assessment Reports, A&A packages, and Security Controls Traceability Matrix (SCTM), monthly and quarterly risk compliance reports. Has experience in AWS and vulnerability management leveraging tools including Tenable Nessus, DBProtect, WebInspect, ForeScout*Bachelor's Degree and +7 years: *-Experience conducting security control assessments and/or implementation using NIST SP 800-53 and NIST SP 800-53A Rev 4.-Experience running vulnerability and compliance scans using tools like, WebInspect, DBProtect, etc.-Strong communication skills, attention to detail, and being a self-starter.-Experience with High Value Asset (HVA) systems-Experience with cloud migration and working with FedRAMP solutions-Experience in Secure SDLC, working directly with project teams to advise on control implementation to meet NIST SP800-53 controlsJob Type: ContractPay: $65.00 - $80.00 per hourBenefits:* 401(k)* 401(k) matching* Dental insurance* Health insurance* Health savings account* Life insurance* Referral program* Vision insuranceSchedule:* Monday to FridayAbility to commute/relocate:* Washington, DC 20001: Reliably commute or planning to relocate before starting work (Preferred)Education:* Bachelor's (Required)Experience:* Cybersecurity: 7 years (Required)* NIST standards: 5 years (Preferred)* FedRAMP: 5 years (Preferred)* Vulnerability assessment: 5 years (Preferred)* Tenable or WebInspect or DBProtect: 5 years (Preferred)* High Value Asset systems: 5 years (Preferred)* AWS: 5 years (Preferred)Security clearance:* Secret (Required)Work Location: Hybrid remote in Washington, DC 20001

Similar jobs