Sorry, this listing is no longer accepting applications.

RP Engineer Jr./Sr. (HR - 4478)

AAC Inc

Bethesda, MD
Full Time
Paid
  • Responsibilities

    We are seeking a Senior Information Technology Security Compliance Engineer to join our team in support of a client located in Bethesda, MD.  The successful candidate will assist the client’s Information Systems Security Officer (ISSO).

    RESPONSIBILITIES INCLUDE:

    • Understanding security engineering and architectures of information systems, the application of knowledge to the network environment, and Continuous Monitoring (CM) requirements.

    • Understanding software, hardware, and public-facing requirements of the client’s information systems on premises and in the cloud.

    • Analyzing security systems and continuously seeking improvements.

    • Developing best practices and security standards for the network environment.

    • Assisting in the tracking and remediation activities of systems, networks, applications, and source code vulnerabilities by reviewing scan reports and working with the relevant parties to remediate the vulnerabilities.

    • Assisting in the development of non-compliance waivers regarding business justifications, compensating controls, and residual risks.

    • Driving the implementation of security projects that require compliance with relevant government policies or standards.

    • Responding to data calls from NIH, HHS, or OMB related to IT security.

    • Supporting security engineering regulatory compliance efforts for IT programs.

    • Assisting the client in the coordination, implementation, communication, and enforcement of the NIH IT security policies.

    • Advising on the development and design of methodologies to conduct business case analyses of the information security infrastructure.

    • Providing guidance, assistance, and coordination to systems developers, systems administrators, and other specialists to ensure the proper and timely implementation of information systems security standards and vulnerability remediation, both for systems under development and for systems deployed in production.

    • Understanding and participating in the incident response on-call rotation, and communicating with the Incident Response Team via meetings, emails, and conferences to promptly validate and address compliance findings.

    • Responding to systems and network security incidents, e.g., system compromise, loss of confidentiality, authentication problems, etc.

    • Implementing new processes to optimize security systems to support the client organization.

    Required Skills

    REQUIRED QUALIFICATIONS:

    • Bachelor’s degree in related technical field and 10+ years of related experience is required. Additional experience can be substituted for a degree.
    • Experience must include: 5 years of UNIX and/or Windows system administration experience and at least 5 years of IT security experience.
    • Excellent working experience in applying FISMA and FedRAMP processes and policies to information systems.
    • Excellent oral communication, writing, problem-solving skills, and attention to detail.
    • Strong understanding of Linux and Active Directory.
    • Expert knowledge of IT security vulnerabilities and risk assessments with the ability to explain the risks associated with them to executives, program staff, and technology staff.
    • Ability to work with program staff, executives, and technology staff to achieve IT security goals and objectives.
    • Certifications: CISSP (or ability to obtain one within 6 months).

     

    DESIRED QUALIFICATIONS:

    • Understanding of the Secure Software Development Life Cycle.
    • Ability to run scans (Nessus) and validate remediation.
    • Experience with major components and architecture of Tenable such as SecurityCenter, Nessus Manager, scanners, agents, and Tenable.io.
    • Experience with Secure Information Systems processes in the cloud, such as AWS.
