Soundway Records
IT Information Assurance/Security Engineer, Senior
Soundway Records, Herndon, Virginia, United States, 22070
JOB TITLE: IT Information Assurance/Security Engineer, Senior
CLEARANCE: TS/SCI w/CI Poly
WORK LOCATION: On client site. Herndon, VA
REMOTE WORK: Remote work is not authorized.
TRAVEL: None
JOB DESCRIPTION
We are seeking an Expert IT Information Assurance/Security Engineer to lead and enhance our large enterprise cloud-based systems and applications. In this pivotal role, you will ensure compliance with ISSO roles and responsibilities as defined by agency directives, while performing critical tasks in support of various information assurance programs. Your expertise will be instrumental in security authorization activities, following Risk Management Framework (RMF) policies, and developing essential documentation including System Security Plans (SSPs), Risk Assessment Reports, and Security Controls Traceability Matrices (SCTM). You will also be responsible for crafting Security Test Procedures (STP), conducting self-assessments, and validating security designs to maintain a robust operational security posture.
As a key member of the team, you will analyze system audit logs to detect anomalous activities and potential threats, as well as perform vulnerability assessments to identify and mitigate risks within security systems. Your comprehensive understanding of cybersecurity policies and techniques will help ensure the integrity of information systems, particularly those processing classified information. Collaborating closely with government customers, you will support continuous monitoring (ConMon) activities, manage computer security incidents, and ensure compliance with regulatory standards. Additionally, you will maintain thorough documentation within government record-keeping systems like Xacta, provide configuration management for security-relevant components, and conduct risk analysis for significant changes to applications and systems.
Job Duties
Ensure compliance with ISSO roles and agency directives.
Develop and maintain System Security Plans (SSPs).
Conduct security authorization activities in compliance with RMF.
Create and implement Security Test Procedures (STP).
Perform self-assessments to validate security designs.
Maintain operational security posture for information systems.
Conduct STIG reviews and self-risk assessments.
Analyze system audit logs for anomalous activities.
Perform vulnerability scans and remediation.
Ensure effectiveness of cybersecurity-enabled products and controls.
Identify security gaps and recommend improvements.
Collaborate with government customers on ConMon activities.
Manage computer security incidents and vulnerability compliance.
Input and maintain documentation in Xacta.
Provide configuration management for security-relevant software, hardware, and firmware.
Conduct risk analysis for significant application/system changes.
Provide input for Risk Management Framework process activities.
Stay informed about cybersecurity trends and regulatory changes.
Engage in training and mentorship of junior staff.
Develop policies and guidelines for information security.
Conduct periodic security reviews and audits.
Collaborate with cross-functional teams to enhance security protocols.
Participate in incident response planning and execution.
Review and analyze threat intelligence data.
Advocate for security best practices across the organization.
QUALIFICATIONS
Minimum Years of Experience:
Relevant Job Experience Required: 8 years
Overall IT Experience Required: 10 years
Technical Skills and Experience:
FISMA and NIST compliance expertise
Security Control Assessment (NIST SP 800-37, 800-53)
Risk analysis and assessment methodologies
Proficiency in Splunk
Experience with Amazon Web Services (AWS)
Familiarity with Xacta for documentation
Strong written and verbal communication skills
Experience in policy development for Federal/DoD Information Security
Ability to analyze complex security data
Familiarity with cybersecurity incident response procedures
Knowledge of STIGs and vulnerability management
Understanding of Continuous Monitoring (ConMon) practices
Experience in identifying and mitigating security risks
Strong organizational skills and attention to detail
Ability to lead security reviews and audits
Familiarity with risk management processes
Ability to train and mentor junior staff
Strong analytical skills for threat detection
Knowledge of cybersecurity technologies and tools
Understanding of OMB Information Security directives
Experience developing and implementing security policies
Understanding of FISCAM compliance
Education
Bachelor’s degree in computer science, software engineering or other equally relevant field.
Certification(s)
Currently Active:
Active Security+
CISSP
CISA or equivalent (DoD 8570 IAM 2)
Professional Attributes & Values
We are looking for a professional who exemplifies the following core values:
Integrity and Accountability:
Demonstrates principled character, consistently upholding honesty and taking responsibility for their actions with the highest ethical standards.
Respect and Diversity:
Treats others with dignity and fairness, valuing diverse perspectives to foster an inclusive and collaborative work environment.
Effective Communication:
Delivers clear, accurate, and timely written and verbal communications, ensuring comprehensive understanding from the first conveyance.
Interpersonal Skills:
Exhibits a courteous and approachable demeanor, fostering positive relationships and promoting teamwork.
Continuous Improvement:
Proactively seeks opportunities for growth through self-assessment, professional development, and constructive feedback.
SoundWay is an Equal Opportunity Employer (EOE):
SoundWay is committed to diversity, equity, and inclusion. We provide equal employment opportunities without discrimination based on race, religion, age, gender, disability, veteran status, or any other protected characteristic.
Join SoundWay and bring your unique talents to a team that truly values and respects every individual.
ABOUT SOUNDWAY
Continued Service to Country through Contracting.
BENEFITS
SoundWay Pays 100% of the Employee’s Premium for the below benefits and *SoundWay pays a portion of the additional cost to add a spouse, partner, child(ren), or family.
Medical Insurance*
Dental Insurance*
Vision Insurance*
Short-Term Disability Insurance
Long-Term Disability Insurance
Basic Life Insurance
Employee Assistance Program
Identity Theft Protection
Additional Competitive Benefits Include:
10 Paid Holidays a Year
Paid Time Off (combined vacation & sick time off)
Matching 401K Voluntary Retirement Plan
Flexible Spending Account
Professional Development Funds
PERKS
Perks for Everyone Include:
Flexible Work Schedules
Employee Referral Bonus - $2000 Minimum
Employee Recognition – Award$ & SWAG
Giving Back Sponsorship – Employee-Recommended Events, Charities, & Recipients
ABOUT US
Founded by a service-disabled Army veteran in 2011, SoundWay is dedicated to Continued Service to Our Nation Through Contracting. We fulfill this mission by empowering our clients to succeed, enabling our employees to excel, and making a positive impact in everything we do.
Since its founding, SoundWay has been a trusted provider of Information Technology, Cybersecurity, and Mission Support services. As an SBA-certified HUBZone, SDVOSB, and WOSB small business, we are proud to serve a diverse array of clients across the federal government, including Civil Agencies, the Department of Defense (DoD), and the Intelligence Community (IC). We also support businesses with government contracts, ensuring their compliance with FAR 52.204-21, Cybersecurity Maturity Model Certification (CMMC), and NIST SP 800-171 requirements.
Cybersecurity. SoundWay is a recognized leader in Government Cybersecurity Compliance, ranked among the Top 250 Managed Security Services Providers (MSSP) for 2023. As a Cyber-AB Authorized C3PAO, we are one of fewer than 50 nationwide, offering expert guidance and certification services. Our flagship managed service, CAMO, is a groundbreaking and cost-effective solution for achieving and maintaining CMMC compliance.
Cloud & Systems Engineering. In the realm of Information Technology Professional Services, we offer a comprehensive range of IT engineering, development, testing, integration, and administration services. Our expertise spans cloud platforms like AWS and Azure, containerization tools such as Docker and Kubernetes, as well as programming languages including .Net, C languages, Java, Python, JavaScript, and BASH. We also specialize in database management with Oracle, MySQL, and MongoDB.