ziprecruiter
Senior Security Engineer (Compliance)
ziprecruiter, Washington, District of Columbia, us, 20022
Position Summary
Versar, Inc., is seeking a Senior Security Engineer (Compliance) to support the Department of Homeland Security’s Enterprise Engineering Division (EED) within the Office of the Chief Information Officer (OCIO). This candidate will be a member of a high-functioning team supporting cybersecurity countermeasures to strengthen DHS enterprise and HQ networks, and to provide strategic and tactical direction with security compliance. The candidate will work directly with a team of network and security engineers, data center specialists, ISSOs, industry vendors, and DHS stakeholder groups that includes 20+ DHS Components.
This effort is responsible for providing support for the Homeland Security Enterprise Network (HSEN) services along with Security Engineering Compliance, including:
Design and development of cyber security technology along with integration of new architectural features into existing infrastructures while maintaining the integrity and security of enterprise-wide cyber systems and networks.
Responsibility for DHS Security ATO and RMF compliance support, ensuring systems are documented, security control implementation/documentation, self-inspection (STIG/vulnerability/compliance) auditing and issue remediation.
Strong working relationship with ISSOs and technical teams to ensure NIST Compliance and RMF ATO Security Authorization.
Additional Duties / Responsibilities
Provide DHS Security Authorization Support
Assist and support the SOC Security Authorization Process following NIST Special Publication 800-53, including but not limited to the following elements:
Security Plan
Security Risk Assessment
Security Controls Assessment
Continuity of Operations Plan (COOP)
Development of POA&Ms
Provide assistance and support to the SOC System ISSO to document and maintain the SOC Security Authorization documentation in the Information Assurance Compliance System (IACS), conduct NIST SP 800-53A assessments, and track NOSC Cyber (SOC) POA&Ms.
Develop and document a comprehensive COOP ensuring that the Contractor maintains continuity of operations.
Maintain appropriate NOSC Cyber infrastructure backups, and document priorities and procedures for re-instantiating critical functions in the event of a failure.
Test the DHS NOSC Cyber COOP capabilities in conjunction with internal test procedures and the DHS Information Technology Disaster Recovery Plan.
Provide support to Government management by establishing POA&Ms and processes for tracking the correction of internal self-assessment and external audit findings relating to security authorization of NOSC operations and activities.
Minimum Qualifications / Requirements
At least six (6) years of professional experience in an IT Services environment, providing technical support with emphasis on security compliance for federal networks.
Prior experience with NIST FIPS Standards, Contingency Plans, Network Infrastructures, Security Impact Analysis, Privacy Impact Security Assessments & Analyses, and Standard Operating Procedures.
U.S. Federal government consulting experience.
Must be resourceful in learning a very complex and dynamically changing network.
Must be able to work independently in a fast-paced, dynamic environment.
Past experience within the Department of Homeland Security or other government agency is preferred.
U.S. citizenship and eligibility for a DHS End of Day (EOD) are required to be considered for this position.
Education
BS degree in Information Systems, Computer Engineering, Computer Science, or Cyber Security, or equivalent experience
Certifications Desired
Security Certifications: CISSP, CCSP, CISM, GSLC, CISA, CASP, or equivalent
Software/Hardware Desired
IBM AppScan, HP WebInspect, Nexpose, Splunk, Nessus, HP Fortify, McAfee SECURE, McAfee Virus Scan, Enterprise, ArcSight, Sourcefire, Nagios, SolarWinds, Remedy, Primavera, Xacta, CSAM