Collaboredge Inc.
Q000 Q007 IT Security Engineer
Collaboredge Inc., Washington, District of Columbia, us, 20022
Short Description
Q007 - IT Security Engineer
Hybrid position - will require on-site reporting to OCIO office
Responsibilities
Support the IT Service Catalog and automation as second‑tier support for Strategy and Planning
Perform security assessments, identify gaps in existing security architecture and recommend changes or improvements
Design security architecture elements to mitigate threats
Create solutions that align enterprise security architecture frameworks and standards (e.g. SABSA, NIST 800‑53, ISO 27002) with overall business and security strategy
Participate in risk assessments for new technologies and projects
Employ secure configuration management processes
Assist in developing a disaster recovery and business continuity plan; identify and prioritize system functions required to promote continuity and availability of critical business processes
Document security requirements and controls for protecting information, systems, and technology assets
Define and document how the implementation of a new technology impacts the security posture of the current environment
Document and update as necessary all definition and architecture activities
Provide input on security requirements to be included in RFPs, SOWs, and other procurement documents
Communicate current and emerging security threats to project team members
Education
Bachelor’s or Master’s degree in information technology or computer science
Equivalent combination of education and successful work experience (15 years)
Experience & Certifications
Minimum of 10+ years of experience in Security Architecture & Engineering
CISSP, CISA, CISM, or other relevant security related designation(s) – must & required
Certifications in CISSP‑ISSAP, TOGAF, or SABSA considered an asset
Qualifications
Experience in identifying gaps in existing architectures
Experience in designing security architectures to mitigate threats
Knowledge of computer networking concepts and protocols (e.g. TCP/IP, DNS) and network security methodologies
Knowledge of network access, identity, and access management (e.g. public key infrastructure, OAuth, OpenID, SAML, SPML)
Knowledge of capabilities and applications of network equipment including routers, switches, servers, transmission media, and related hardware
Knowledge of remote access technology concepts
Knowledge of application firewall concepts and functions (e.g. single point of authentication enforcement, data anonymization, DLP scanning, SSL security)
Work experience in cybersecurity designs for systems, networks, and multi‑level security requirements or requirements for processing multiple classification levels of data
Knowledge of risk management processes and experience in conducting risk assessments
Familiarity with the application of privacy principles to organizational requirements
Knowledge of identity and access management methods
Experience with Windows, Unix, and Linux operating systems
Knowledge of business continuity and disaster recovery operation plans
Strong analytical and problem‑solving skills capable of managing projects that drive business objectives
Exceptional written, oral, and interpersonal communication skills
Ability to work in team environments and to negotiate with multiple stakeholders
Ability to meet tight deadlines and to prioritize tasks
Innovative thinker who is self‑directed and resourceful
Candidate Skills Matrix
Experience in identifying gaps in existing architectures – Required
Experience in designing security architectures to mitigate threats – Required
Knowledge of computer networking concepts and protocols (e.g. TCP/IP, DNS) and network security methodologies – Required
Knowledge of network access, identity, and access management (e.g. public key infrastructure, OAuth, OpenID, SAML, SPML) – Required
Knowledge of capabilities and applications of network equipment including routers, switches, servers, transmission media, and related hardware – Required
Knowledge of remote access technology concepts – Required
Knowledge of application firewall concepts/functions (e.g. single point of authentication enforcement, data anonymization, DLP scanning, SSL security) – Required
Cybersecurity designs for systems, networks, and multi‑level security requirements or requirements for processing classification levels of data – Required
Knowledge of risk management processes and experience in conducting risk assessments – Required
Familiarity with the application of privacy principles to organizational requirements – Required
Knowledge of identity and access management methods – Required
Experience with Windows, Unix, and Linux operating systems – Required
Knowledge of business continuity and disaster recovery operation plans – Required
Background Check Extensive criminal history background check will be required. We cannot submit candidates with recent histories (go back seven years) of extensive driving, drug, robbery or any other illegal activity. Any criminal activity on the background check will eliminate the candidate from consideration. If selected, please make certain that you inform all candidates that they will have to complete this criminal background check prior to starting. National background checks are required; Federal background checks are NOT compliant under this contract. A national background check is a national criminal background check that pulls criminal records from State and County Courts in almost every US State.
#J-18808-Ljbffr
Hybrid position - will require on-site reporting to OCIO office
Responsibilities
Support the IT Service Catalog and automation as second‑tier support for Strategy and Planning
Perform security assessments, identify gaps in existing security architecture and recommend changes or improvements
Design security architecture elements to mitigate threats
Create solutions that align enterprise security architecture frameworks and standards (e.g. SABSA, NIST 800‑53, ISO 27002) with overall business and security strategy
Participate in risk assessments for new technologies and projects
Employ secure configuration management processes
Assist in developing a disaster recovery and business continuity plan; identify and prioritize system functions required to promote continuity and availability of critical business processes
Document security requirements and controls for protecting information, systems, and technology assets
Define and document how the implementation of a new technology impacts the security posture of the current environment
Document and update as necessary all definition and architecture activities
Provide input on security requirements to be included in RFPs, SOWs, and other procurement documents
Communicate current and emerging security threats to project team members
Education
Bachelor’s or Master’s degree in information technology or computer science
Equivalent combination of education and successful work experience (15 years)
Experience & Certifications
Minimum of 10+ years of experience in Security Architecture & Engineering
CISSP, CISA, CISM, or other relevant security related designation(s) – must & required
Certifications in CISSP‑ISSAP, TOGAF, or SABSA considered an asset
Qualifications
Experience in identifying gaps in existing architectures
Experience in designing security architectures to mitigate threats
Knowledge of computer networking concepts and protocols (e.g. TCP/IP, DNS) and network security methodologies
Knowledge of network access, identity, and access management (e.g. public key infrastructure, OAuth, OpenID, SAML, SPML)
Knowledge of capabilities and applications of network equipment including routers, switches, servers, transmission media, and related hardware
Knowledge of remote access technology concepts
Knowledge of application firewall concepts and functions (e.g. single point of authentication enforcement, data anonymization, DLP scanning, SSL security)
Work experience in cybersecurity designs for systems, networks, and multi‑level security requirements or requirements for processing multiple classification levels of data
Knowledge of risk management processes and experience in conducting risk assessments
Familiarity with the application of privacy principles to organizational requirements
Knowledge of identity and access management methods
Experience with Windows, Unix, and Linux operating systems
Knowledge of business continuity and disaster recovery operation plans
Strong analytical and problem‑solving skills capable of managing projects that drive business objectives
Exceptional written, oral, and interpersonal communication skills
Ability to work in team environments and to negotiate with multiple stakeholders
Ability to meet tight deadlines and to prioritize tasks
Innovative thinker who is self‑directed and resourceful
Candidate Skills Matrix
Experience in identifying gaps in existing architectures – Required
Experience in designing security architectures to mitigate threats – Required
Knowledge of computer networking concepts and protocols (e.g. TCP/IP, DNS) and network security methodologies – Required
Knowledge of network access, identity, and access management (e.g. public key infrastructure, OAuth, OpenID, SAML, SPML) – Required
Knowledge of capabilities and applications of network equipment including routers, switches, servers, transmission media, and related hardware – Required
Knowledge of remote access technology concepts – Required
Knowledge of application firewall concepts/functions (e.g. single point of authentication enforcement, data anonymization, DLP scanning, SSL security) – Required
Cybersecurity designs for systems, networks, and multi‑level security requirements or requirements for processing classification levels of data – Required
Knowledge of risk management processes and experience in conducting risk assessments – Required
Familiarity with the application of privacy principles to organizational requirements – Required
Knowledge of identity and access management methods – Required
Experience with Windows, Unix, and Linux operating systems – Required
Knowledge of business continuity and disaster recovery operation plans – Required
Background Check Extensive criminal history background check will be required. We cannot submit candidates with recent histories (go back seven years) of extensive driving, drug, robbery or any other illegal activity. Any criminal activity on the background check will eliminate the candidate from consideration. If selected, please make certain that you inform all candidates that they will have to complete this criminal background check prior to starting. National background checks are required; Federal background checks are NOT compliant under this contract. A national background check is a national criminal background check that pulls criminal records from State and County Courts in almost every US State.
#J-18808-Ljbffr