ECS is seeking a Senior Cybersecurity Automation Engineer to work in our Washington, DC office.Job Description:ECS is looking for an experienced, resourceful, innovative, and self-motivated Cybersecurity Automation Engineer with a background in ServiceNow development to lead our security automation initiatives. This role entails planning, designing, developing, deploying, monitoring, and maintaining security automation solutions in order to meet stakeholder needs within the ServiceNow GRC tool and in accordance with NIST standards, guidelines, and mandates. Your objective will be to improve the efficiency, effectiveness, and accuracy of detection and response capabilities for the client's cybersecurity teams, automate security assessment processes, and eliminate or reduce manual tasks and achieve cost-savings.As part of this role, ideal candidates must possess a combination of coding knowledge, skills, and abilities, a solid understanding of the ServiceNow platform, experience developing web applications, and a strong understanding and expert knowledge of FISMA, FedRAMP, and similar security frameworks. You will leverage the Security Content Automation Protocol (SCAP) suite languages, including Extensible Configuration Checklist Description Format (XCCDF), Open Vulnerability and Assessment Language (OVAL), and Open Checklist Interactive Language (OCIL), in conjunction with client-approved SCAP-enabled tools as well as open-source or custom developed tools, such as scripts and/or application programming interfaces (APIs), to automate the development, testing, implementation, assessment, and monitoring of security and privacy security controls.Additionally, you will be responsible for routinely reviewing and updating, as necessary, existing information security policies, standards, and procedures based on federal and departmental regulations, standards, guidance, and mandates.Required Skills:Must have strong understanding of the NIST Risk Management FrameworkStrong written and verbal communication skills.Demonstrated ability to interact effectively with senior management and leadership.Produce the evidence to support automated assessment (ie, self-assessments, impact analysis), monitoring (ie, control status), and reporting (ie, alerts, dashboard) effortsMust have experience with high-level ServiceNow configurationsMust be able to help research technologies, develop solutions, gather requirements and identify impactsMust have excellent communication skills and ability to organize development activitiesExperience integrating cybersecurity tools, such as ServiceNow GRC is preferredFive (5) years of experience as a software developer is required,Three (3) years of experience integrating cybersecurity tools, including Qualys, RSA Archer, and Splunk with ServiceNow GRC and ServiceNow formats and languagesActive Public Trust clearance or eligible to obtain a Public Trust clearanceBachelor's degree or higher in an IT-related field is required; Computer Science or Software DevelopmentDesired Skills:Experience performing Assessment and Authorization (A&A) activities, including conducting risk assessments, performing Security Controls Assessments (SCA), developing/authoring A&A documentations, such as System Security Plans (SSP), Privacy Impact Assessments (PIA), Risk Assessment (RA), Contingency Planning (CP).In depth working knowledge of guidelines in the latest NIST SP 800-53, 800-53A, 800-126, SP 800-128, and SP 800-137.Analyze the technical development requirements and develop integrations between the ServiceNow modules and 3rd-party tools and APIs used by the Cybersecurity teams.Configure ServiceNow workflows and implement standard processes in coding and design as per the ServiceNow standards.Collaborate with NM's ServiceNow Platform SRE team to ensure quality and stability of integrations.Javascript/Node.js experienceProvide checkouts during ServiceNow module and platform upgrades.Find opportunities to automate workflows/processes related to security events through ServiceNow or SOAR playbooksExperienced security pen-testerManage the ongoing improvement to the organization's case management system to decrease response times, increase effectiveness and streamline security operationsAssist with the design, engineering, deployment, and maintenance of custom automation tools (primarily in Python, and PowerShell)Develop dashboards and metrics within the organization's case management system.Maintain and improve the team's products, infrastructure, and technology stack.Develop and maintain documentation related to the automation of workflows related to detection/response procedures for security events.ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3000+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.