Vacancy expired!
Description
Job Description:The Defense Group of Leidos has an exciting opportunity for an Information Security Engineer to support efforts for the Army Cloud Common Shared Service Provider (CCSSP) contract located in the Northern Virginia/National Capital Region. The Information Assurance Engineer will provide leadership in the execution of information security management services providing a broad range of information security activities and operations at an approved level of security across the enterprise.Primary Responsibilities- Assist the Government Lead in daily tasks to ensure all systems have current Authorizations to Operate (ATOs).
- Facilitate Assessment and Authorization (A&A) for Information Systems, data availability, integrity, authentication, confidentiality, and non-repudiation.
- Through A&A review processes, ensure security measures are implemented for communication systems, networks, and provide advice that systems and personnel adhere to established security standards and Governmental requirements for security on these systems.
- Develop and implement vulnerability management processes.
- Conduct vulnerability scans using Assured Compliance Assessment Solution (ACAS) and assist Engineers in correcting, documenting and mitigating system vulnerabilities.
- Vulnerability management duties include, but are not limited to, using Tenable SecurityCenter and Nessus scanners, BigFix, HBSS, Security Information and Event Manager (SIEM) tooles, Security Content Automation Protocol (SCAP) Compliance Checker (SCC) Tool, HP Fortify, other automated tools, and manual inspections to identify vulnerabilities; documenting vulnerabilities; reporting vulnerability statistics.
- Provide security configuration management of CS devices.
- Develop and implement incident response processes
- Detect and correct defensive cyber operation activities.
- Perform forensics and remedial action on cybersecurity incidents.
- Report defensive cyber operations statistics.
- Manage data at rest and data in transit services.
- Manage audit and accountability services.
- Provide guidance and compliance reviews based on DoD Secure Cloud Computing Architecture (SCCA).
- ship and a DoD Secret Clearance Bachelors' degree in Computer Science, Information Systems, Cyber Security, or related field, or equivalent experience.
- Minimum 5 years of prior relevant experience managing NIST RMF and DoD cyber security policies in accordance with program cybersecurity assessment and authorization (A&A) implementation.
- Experience with the DoD Assessment and Authorization (A&A) for Information Systems.
- Experience with submission of Risk Management Framework (RMF) packages.
- Experience with Vulnerability Management.
- Experience with Incident Response.
- Compliant with DoD 8570 IAT Level III (GCIH, CCNP Security, CISSP, etc).
- Familiarity with the DoD Secure Cloud Computing Architecture (SCCA).
- Must have a DoD 8570 IAT Level II (or Level III) Certification (e.g. Sec+ CE).
- Experienced with various security tools and processes such as Splunk, Tenable Security, Fortify.
- Experience with the NIST Risk Management Framework (RMF).
- Experience with operation of systems to an Amazon Web Services (AWS) and Azure cloud environment.
- A professional background in Systems Engineering / Cloud Architecture / Software Development.
- Experience with Cloud Computing Technologies.
- Experience with Agile Software Development.
- AWS/Azure Certifications.
- Experience with scripting languages (Python, Power Shell).
- Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.
Vacancy expired!