Detail of : Cyber Security InfoSec Engineer Senior level Job Openings in McLean
The Cyber Security InfoSec Engineer team shall implement the Risk Management Framework (RMF) and IT Security Assessment & Authorization (A&A) for the Sponsor’s and the Sponsor’s Partner’s IT systems. The Cyber Security InfoSec Engineer team shall be directly involved in processing all customer efforts through the various facets of the RMF and A&A process by conducting a comprehensive assessment of the management, operational and technical security controls employed within or inherited by an information system to determine the overall effectiveness of the controls (i.e., the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for applications/systems). The Cyber Security InfoSec Engineer team shall also provide assessments of the severity of weaknesses or deficiencies discovered in designated information systems and their environments of operation; recommend corrective actions to address identified vulnerabilities and assist in the development of system security documentation and auditing of operational systems. Additionally, the Cyber Security InfoSec Engineer shall assess the security aspects of an information system. The Cyber Security InfoSec Engineer team shall play an active role in the monitoring of systems and their environments of operation to include developing and updating the security plans, managing and controlling changes to systems, and assessing the security impact of those changes. Periodically, the Cyber Security InfoSec Engineer shall provide forensic support for root-cause determination of security related issues.
The Cyber Security InfoSec Engineer team shall provide the required Cyber Security support to achieve the following:
Capture of auditable events in applications and infrastructures and aggregate events into one system for transfer to the Sponsor Enterprise Audit team for analysis. This data supports compliance verification.
Requirements’ assessments for the design and implementation of User Activity Monitoring (UAM).
Coordination of System Requirements Documents (SRDs) with governance oversight management for review and determine support for engineering/development and implementation.
The Cyber Security InfoSec Engineer team shall work across all levels of management, other branches, divisions, which may include additional service providers to implement Risk Management Framework (RMF) and Assessment & Authorization (A&A). The Cyber Security InfoSec Engineer team shall coordinate and interface daily with Sponsor representatives and various Sponsor’s Partner’s components to identify and aid in the resolution of Cyber Security related issues. The Contractor team shall process, track and report on all Cyber Security tasking utilizing customer tools (i.e., XACTA, Sponsor’s Help Desk Suite, ServiceNow, Primavera and JIRA). The Cyber Security InfoSec Engineer team shall create and brief required status reports and metrics reports and keep senior management apprised of status. Travel may be required to attend technical exchange meetings, reviews, etc.
Additionally, the Cyber Security InfoSec Engineer Team Lead shall ensure all designate tasks are assigned to team members and meet deadlines for on time products and services delivery. The Cyber Security InfoSec Engineer Team Lead shall generate ad- hoc reports, staffing schedules and ensuring there is adequate team coverage during core work hours. The Cyber Security InfoSec Engineer team must provide coverage Monday -Friday from 7:00am to 4:00pm Monday from Friday.
Required Skills and Demonstrated Experience:
Demonstrated experience in information security.
Demonstrated experience Risk Management Framework (RMF).
Demonstrated experience with Assessment & Authorization (A&A).
Demonstrated experience with system engineering and/or system development.
Demonstrated experience with security scanning tools. The minimum required include each of the following: Burp and HP WebInspect for websites, AppDetective for databases and Nessus for general network and operating system compliance (patching and misconfiguration checks against the Security Technical Implementation Guidelines (STIGs).
Demonstrated experience mapping Active Directory and Public Key Infrastructure (PKI) group and membership accesses.
Demonstrated experience with monitoring tools for include the Centrify product suite.
Demonstrated experience in Lean Agile and DevOps Factory environments.
Demonstrated experience setting up auditing services on Linux, Windows and monitoring of privilege user actions and activities.
Demonstrated experience with Splunk to aggregate the data collected in the auditing process.
Team Lead Required Skills and Demonstrated Experience:
Demonstrated on-the-job experience as an Information System Security Engineer (ISSE) or Cyber Security Architect.
Demonstrated experience in leading an integrated team of System Engineers, Developers and ISSOs/ISSEs.
Demonstrated experience working in a fast-paced environment.
Demonstrated experience in managing changing and competing priorities.
Highly Desired Demonstrated Experience: Certified Information Systems Security Professional (CISSP) Certification.
Certified in Risk and Information Security Controls (CRISC).
Completion of the Sponsor’s System Administrator Security Course (SASC).
Demonstrated experience with manual auditing procedures associated with Amazon Web Services (AWS).
Demonstrated experience within the last 3 years with performing network and firewall administration.
Demonstrated on-the-job experience as an Information System Security Engineer (ISSE).
Clearance Required: Active TS/SCI security clearance and the ability to pass a Full Scope Poly.
Long Term Disability
Basic Life Insurance
Basic Accidental Death & Dismemberment Insurance
Direct Payroll Deposit
Short Term Disability
Additional (Voluntary) Life Insurance
Additional (Voluntary) AD&D Insurance
Vision Care Plan
Flexible Spending Account Plan
AFLAC Supplementary Insurances
AAP/EEO Statement Core4ce is an Equal Opportunity Employer. Core4ce does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need. Core4ce provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Core4ce complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. Core4ce expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Core4ce’s employees to perform their job duties may result in discipline up to and including discharge. Reasonable Accommodation Statement If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to HR@. (Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment)
For further information, please refer official source from Core4ce.com on following link below. To find out where you fit in, please visit :
Only qualified candidates that meet with the above requirements would be processed in this recruitment.
Only candidates that meet the above qualification will be shortlisted.
If you are not interested in Cyber Security InfoSec Engineer Senior level McLean April 2021 Core4ce.com above, you can try to find your job by read related jobs from another company in McLean below.
Apply This Job
Please submit your application via the link below:
Do not forget to like our fanpage to get the latest job information
Please note that we do not accept any CV submissions. If You want to apply for a job that you have discovered on jobs-chicago.net, simply click on the provided job application link and follow the instructions afterwards. You'll be taken to a more detailed page.