Senior IT Information Assurance/Security Engineer
Onsite | Herndon, VA | 5 Days a Week
Active TS/SCI, CI Poly Clearance Required
Summary
Our client provides reliable, effective, and innovative technology solutions that advance federal, state, local, and nonprofit missions. Their technologists and consultants are passionate about solving complex challenges that impact millions of lives. Our client also takes a Mindful Modernization approach to delivering its application modernization, grants management systems, government data analytics, and advisory services. Mindful Modernization is our client's way of delivering mission impact by aligning its government customers’ strategic objectives to measurable outcomes through people, processes, and technology.
Responsibilities
Our client is seeking an Expert IT Information Assurance/Security Engineer to lead and enhance their large enterprise cloud-based systems and applications. In this pivotal role, you will ensure compliance with ISSO roles and responsibilities as defined by agency directives, while performing critical tasks in support of various information assurance programs. Your expertise will be instrumental in security authorization activities, following Risk Management Framework (RMF) policies, and developing essential documentation including System Security Plans (SSPs), Risk Assessment Reports, and Security Controls Traceability Matrices (SCTM). You will also be responsible for crafting Security Test Procedures (STP), conducting self-assessments, and validating security designs to maintain a robust operational security posture.
As a key member of the team, you will analyze system audit logs to detect anomalous activities and potential threats, as well as perform vulnerability assessments to identify and mitigate risks within security systems. Your comprehensive understanding of cybersecurity policies and techniques will help ensure the integrity of information systems, particularly those processing classified information. Collaborating closely with government customers, you will support continuous monitoring (ConMon) activities, manage computer security incidents, and ensure compliance with regulatory standards. Additionally, you will maintain thorough documentation within government record-keeping systems like Xacta, provide configuration management for security-relevant components, and conduct risk analysis for significant changes to applications and systems.
- Ensure compliance with ISSO roles and agency directives
- Develop and maintain System Security Plans (SSPs)
- Conduct security authorization activities in compliance with RMF
- Create and implement Security Test Procedures (STP)
- Perform self-assessments to validate security designs
- Maintain operational security posture for information systems
- Conduct STIG reviews and self-risk assessments
- Analyze system audit logs for anomalous activities
- Perform vulnerability scans and remediation
- Ensure effectiveness of cybersecurity-enabled products and controls
- Identify security gaps and recommend improvements
- Collaborate with government customers on ConMon activities
- Manage computer security incidents and vulnerability compliance
- Input and maintain documentation in Xacta
- Provide configuration management for security-relevant software, hardware, and firmware
- Conduct risk analysis for significant application/system changes
- Provide input for Risk Management Framework process activities
- Stay informed about cybersecurity trends and regulatory changes
- Engage in training and mentorship of junior staff
- Develop policies and guidelines for information security
- Conduct periodic security reviews and audits
- Collaborate with cross-functional teams to enhance security protocols
- Participate in incident response planning and execution
- Review and analyze threat intelligence data
- Advocate for security best practices across the organization
Requirements
- 8+ years of relevant job experience
- 10+ years of overall IT experience
- FISMA and NIST compliance expertise
- Security Control Assessment (NIST SP 800-37, 800-53)
- Risk analysis and assessment methodologies
- Proficiency in Splunk
- Experience with Amazon Web Services (AWS)
- Familiarity with Xacta for documentation
- Strong written and verbal communication skills
- Experience in policy development for Federal/DoD Information Security
- Ability to analyze complex security data
- Familiarity with cybersecurity incident response procedures
- Knowledge of STIGs and vulnerability management
- Understanding of Continuous Monitoring (ConMon) practices
- Experience in identifying and mitigating security risks
- Strong organizational skills and attention to detail
- Ability to lead security reviews and audits
- Familiarity with risk management processes
- Ability to train and mentor junior staff
- Strong analytical skills for threat detection
- Knowledge of cybersecurity technologies and tools
- Understanding of OMB Information Security directives
- Experience developing and implementing security policies
- Understanding of FISCAM compliance
Education/Certification Requirements
- A Bachelor’s degree in computer science, software engineering, or other equally relevant field is required
- Active Security+, CISSP, CISA or equivalent (DoD 8570 IAM 2)
Clearance Requirements
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; an active TS/SCI clearance with a CI poly that has been obtained in the past six years is required.
Other Duties
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
--------------
About Us
Northern Virginia-based Precision Solutions is an expert in staffing solutions for companies of any size that open the door to new opportunities and seek outstanding talent. We pride ourselves on being versatile enough to tailor our relationships to the needs of each individual client, being agile in the fast-paced marketplace, and being precise in meeting the needs of any company.
Equal Opportunity Employer Statement
Precision Solutions is an equal opportunity employer. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws.