Cyber Security InfoSec Engineer

Cyber Security InfoSec Engineer
TechFlow, Inc, United States

Experience
1 Year
Salary
0 - 0
Job Type
Work Study Job
Job Shift
Morning Job
Job Category
Engineering
Traveling
No
Career Level
Non-Managerial
Telecommute
No
Qualification
High School or equivalent
Total Vacancies
1 Job
Posted on
May 11, 2021
Last Date
Jun 11, 2021
Location(s)
Mclean, United States

Job Description

Are you looking for a place to invest in your future? Then consider a job at TechFlow where we provide opportunities for individuals to explore, learn and develop their careers while being part of an exciting team of professionals.

Here are some experiences you may have at TechFlow:

- Work with best-of-breed technologies

- Have fun while being part of a professional team

- Work in a challenging and dynamic environment

- Work in a supportive learning atmosphere where opportunities for training and advancement are provided.

TechFlow is looking for Cyber Security InfoSec Engineer to manage IT applications/systems through the IT Security Assessment and Accreditation (Aamp;A) process. TechFlow requires two resources to provide Cyber Security support. Broker Cyber Security requirements with mission partners, service providers and security counterparts, leveraging resources and managing customer expectations; work with mission partners, stakeholders, and service providers to implement and utilize the Risk Management Framework (RMF) to provide IT Security Assessment and Authorization (Aamp;A) from initiation to completion.

A. Work Requirement:

  • Implement the Risk Management Framework (RMF) process for the Sponsor’s and the Sponsor’s Partner’s IT systems.
  • Manage the IT Security Assessment amp; Authorization (Aamp;A) process for the Sponsor’s and the Sponsor’s Partner’s IT systems.
  • Involved in processing all customer efforts through the RMF and Aamp;A process.
  • Conduct a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an information system.
  • Determine the overall effectiveness of the controls, the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for applications and systems.
  • Provide assessments of the severity of weaknesses or deficiencies discovered in designated information systems and their environments of operation.
  • Recommend corrective actions to address identified vulnerabilities.
  • Assist in the development of system security documentation.
  • Assist in auditing of operational systems.
  • Assess the security aspects of information systems.
  • Play an active role in the monitoring of systems and their environments of operation.
  • Develop and update security plans.
  • Manage and control changes to systems.
  • Assess the security impact of system changes.
  • Provide forensic support for root-cause determination of security related issues.
  • Capture auditable events in applications and infrastructures.
  • Aggregate auditable events into one system for transfer to the Sponsor Enterprise Audit team for analysis.
  • Produce data to support compliance verification.
  • Provide recommendations in support of the design and implementation of User Activity Monitoring (UAM) tools.
  • Coordinate System Requirements Documents (SRDs) with governance oversight, management for review, and determine support for engineering, development and implementation.
  • Coordinate and interface daily with stakeholders to identify and aid in the resolution of Cyber Security related issues.
  • Process, track, and report on all Cyber Security tasking utilizing customer tools such as XACTA, Sponsor’s Help Desk Suite, ServiceNow, Primavera and JIRA.
  • Create and brief required status reports and metrics reports and keep senior management apprised of status.
  • Travel may be required to attend technical exchange meetings, reviews, etc.
  • Core hours are Monday -Friday from 7:00am to 4:00pm.

Requirements

  • Experience in information security.
  • Experience with Risk Management Framework (RMF).
  • Experience with system engineering and system development.
  • Experience with security scanning tools.
  • Experience with Burp and HP WebInspect for websites.
  • Experience with AppDetective for databases.
  • Experience with Nessus for general network and operating system compliance. Demonstrated experience performing patching and misconfiguration checks against Security Technical Implementation Guidelines (STIGs).
  • Experience mapping Active Directory and Public Key Infrastructure (PKI) group and membership accesses.
  • Experience with monitoring tools to include the Centrify product suite.
  • Experience in Lean Agile and DevOps Factory environments.
  • Experience setting up auditing services on Linux, Windows and monitoring of privilege user actions and activities.
  • Experience with Splunk to aggregate the data collected in the auditing process.
  • Certifications
    • Certified Information Systems Security Professional (CISSP) Certification.

Job Specification

Job Rewards and Benefits

More Jobs like this Job

Jobs in Mclean United States
Jobs in this company

TechFlow, Inc

Information Technology and Services - Washington, District of Columbia, United States
© Copyright 2004-2024 Mustakbil.com All Right Reserved.