cFocus Software Incorporated
Cybersecurity Engineer - FCC
cFocus Software Incorporated, Washington, District of Columbia, us, 20022
cFocus Software seeks a Cybersecurity Engineer to join our program supporting the Federal Communications Commission (FCC). This position is on-site in Washington, DC.
Qualifications:
Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Information Technologies, or other related fields Certified Information Systems Security Professional (CISSP) or Information Systems Security Engineering Professional (ISSEP) certifications required. and Microsoft Certified Cybersecurity Architect Expert 7+ years of experience performing cyber infrastructure support activities in Enterprise Cybersecurity Support government contracts Core competencies in Cybersecurity Engineering practices Possess the knowledge, skills, tasks, and capabilities described in the Work Role for Infrastructure Support (PD-WRL-004) as outlined in the NICE Work Role Framework Certified in one of the following certifications:
GIAC Certified Forensics Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), Certified Forensic Computer Examiner (CFCE), and EnCase Certified Examiner (EnCE).
Duties:
Assess and recommend access control systems, application and file security, security practices, intrusion detection/prevention, logical/physical security, interfaces, servers, public critical infrastructure, network architecture, and VPNs. Support system design reviews, DevSecOps, secure Enterprise Data Lake capabilities, and evaluate system integration strategies concerning security impacts. Recommend design approaches to address system vulnerabilities from test to operational environments. Perform system administration, configuration, patching, upgrades, and optimization of SOC tools, devices, applications, and sensors per FCC timelines. Manage and administrate cybersecurity tools. Create, maintain, and support compliance content for the FCC Continuous Diagnostics and Mitigation (CDM) toolset to measure system compliance against Security Configuration Specifications. Maintain a consolidated inventory of FCC security tools. Implement standardized security across the enterprise. Provide security-engineering services for private and public Cloud architectures and applications. Leverage cloud solutions using a Cloud Service Provider (CSP) with FedRAMP JAB Provisional Authorization to Operate (ATO) or Agency ATO for IaaS, PaaS, and SaaS. Support automatic assignment of STIGs or security checklists using metadata and Common Platform Enumeration (CPE) information. Support the creation of default evidence, comments, and statuses for specific CCIs and rules to facilitate speedy assessments. Support integration of automated tools and data formats to expedite accurate assessments by importing common Federal and industry standards, mapping and de-conflicting rules between automated scans, and supporting future integration of changing standards (and backward compatibility).
#J-18808-Ljbffr
Qualifications:
Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Information Technologies, or other related fields Certified Information Systems Security Professional (CISSP) or Information Systems Security Engineering Professional (ISSEP) certifications required. and Microsoft Certified Cybersecurity Architect Expert 7+ years of experience performing cyber infrastructure support activities in Enterprise Cybersecurity Support government contracts Core competencies in Cybersecurity Engineering practices Possess the knowledge, skills, tasks, and capabilities described in the Work Role for Infrastructure Support (PD-WRL-004) as outlined in the NICE Work Role Framework Certified in one of the following certifications:
GIAC Certified Forensics Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), Certified Forensic Computer Examiner (CFCE), and EnCase Certified Examiner (EnCE).
Duties:
Assess and recommend access control systems, application and file security, security practices, intrusion detection/prevention, logical/physical security, interfaces, servers, public critical infrastructure, network architecture, and VPNs. Support system design reviews, DevSecOps, secure Enterprise Data Lake capabilities, and evaluate system integration strategies concerning security impacts. Recommend design approaches to address system vulnerabilities from test to operational environments. Perform system administration, configuration, patching, upgrades, and optimization of SOC tools, devices, applications, and sensors per FCC timelines. Manage and administrate cybersecurity tools. Create, maintain, and support compliance content for the FCC Continuous Diagnostics and Mitigation (CDM) toolset to measure system compliance against Security Configuration Specifications. Maintain a consolidated inventory of FCC security tools. Implement standardized security across the enterprise. Provide security-engineering services for private and public Cloud architectures and applications. Leverage cloud solutions using a Cloud Service Provider (CSP) with FedRAMP JAB Provisional Authorization to Operate (ATO) or Agency ATO for IaaS, PaaS, and SaaS. Support automatic assignment of STIGs or security checklists using metadata and Common Platform Enumeration (CPE) information. Support the creation of default evidence, comments, and statuses for specific CCIs and rules to facilitate speedy assessments. Support integration of automated tools and data formats to expedite accurate assessments by importing common Federal and industry standards, mapping and de-conflicting rules between automated scans, and supporting future integration of changing standards (and backward compatibility).
#J-18808-Ljbffr