ZipRecruiter
Senior Security Engineer (Compliance)
ZipRecruiter, Washington, District of Columbia, us, 20022
Position Summary
Versar, Inc., is seeking a Senior Security Engineer (Compliance) to support the Department of Homeland Security’s Enterprise Engineering Division (EED) within the Office of the Chief Information Officer (OCIO). This candidate will be a member of a high functioning team supporting cybersecurity countermeasures to strengthen DHS enterprise and HQ networks, to include overseeing and providing strategic and tactical direction with security compliance. This candidate will work directly with a team of network and security engineers, data center specialists, ISSOs, industry vendors, and DHS stakeholder groups that includes 20+ DHS Components.
This effort is responsible for providing support for the following Homeland Security Enterprise Network (HSEN) services along with Security Engineering Compliance to include:
Design and development of cybersecurity technology along with integration of new architectural features into existing infrastructures while maintaining the integrity and security of enterprise-wide cyber systems and networks.
Responsibility for DHS Security ATO and RMF compliance support ensuring systems are documented, security control implementation/documentation, self-inspection (STIG/vulnerability/compliance) auditing and issue remediation.
Strong working relationship with ISSOs and technical teams to ensure NIST Compliance and RMF ATO Security Authorization.
Additional Duties / Responsibilities
Provide DHS Security Authorization Support
Assist and support the SOC Security Authorization Process following Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 including, but not limited to, the following elements:
Security Plan Security Risk Assessment Security Controls Assessment Continuity of Operations Plan (COOP) Development of POA&Ms
Provide assistance and support to the SOC System ISSO, to document and maintain the SOC Security Authorization documentation in the Information Assurance Compliance System (IACS), conduct NIST SP 800-53A assessments, and track NOSC Cyber (SOC) POA&Ms. Develop and document a comprehensive COOP which ensures that the Contractor maintains appropriate NOSC Cyber infrastructure backups, and documents priorities and procedures for re-instantiating critical functions in the event of a failure. Test the DHS NOSC Cyber COOP capabilities in conjunction with internal test procedures and the DHS Information Technology Disaster Recovery Plan. Provide support to Government management by establishing POA&Ms and processes for tracking the correction of internal self-assessment and external audit findings relating to security authorization of NOSC operations and activities. Minimum Qualifications / Requirements At least six (6) years of professional experience in an IT Services environment, providing technical support with emphasis on security compliance for federal networks. Prior experience with NIST FIPS Standards, Contingency Plans, Network Infrastructures, Security Impact Analysis, Privacy Impact Security Assessments & Analyses, Standard Operating Procedures. U.S. Federal government consulting experience. Must be resourceful in learning a very complex and dynamically changing network. Must be able to work independently in a fast-paced, dynamic environment. Past experience within the Department of Homeland Security or other government agency is preferred. U.S. citizenship required and eligibility for a DHS EoD is required to be considered for this position. Education BS degree in Information Systems, Computer Engineering, Computer Science, or Cyber Security, or equivalent experience. Certifications Desired Security Certifications: CISSP, CCSP, CISM, GSLC, CISA, CASP, or equivalent. Software/Hardware Desired IBM AppScan, HP WebInspect, Nexpose, Splunk, Nessus, HP Fortify, McAfee SECURE, McAfee Virus Scan, Enterprise, ArcSight Sourcefire, Nagios, Saint, Solarwinds, Remedy, Primavera, Xacta, CSAM.
#J-18808-Ljbffr
Security Plan Security Risk Assessment Security Controls Assessment Continuity of Operations Plan (COOP) Development of POA&Ms
Provide assistance and support to the SOC System ISSO, to document and maintain the SOC Security Authorization documentation in the Information Assurance Compliance System (IACS), conduct NIST SP 800-53A assessments, and track NOSC Cyber (SOC) POA&Ms. Develop and document a comprehensive COOP which ensures that the Contractor maintains appropriate NOSC Cyber infrastructure backups, and documents priorities and procedures for re-instantiating critical functions in the event of a failure. Test the DHS NOSC Cyber COOP capabilities in conjunction with internal test procedures and the DHS Information Technology Disaster Recovery Plan. Provide support to Government management by establishing POA&Ms and processes for tracking the correction of internal self-assessment and external audit findings relating to security authorization of NOSC operations and activities. Minimum Qualifications / Requirements At least six (6) years of professional experience in an IT Services environment, providing technical support with emphasis on security compliance for federal networks. Prior experience with NIST FIPS Standards, Contingency Plans, Network Infrastructures, Security Impact Analysis, Privacy Impact Security Assessments & Analyses, Standard Operating Procedures. U.S. Federal government consulting experience. Must be resourceful in learning a very complex and dynamically changing network. Must be able to work independently in a fast-paced, dynamic environment. Past experience within the Department of Homeland Security or other government agency is preferred. U.S. citizenship required and eligibility for a DHS EoD is required to be considered for this position. Education BS degree in Information Systems, Computer Engineering, Computer Science, or Cyber Security, or equivalent experience. Certifications Desired Security Certifications: CISSP, CCSP, CISM, GSLC, CISA, CASP, or equivalent. Software/Hardware Desired IBM AppScan, HP WebInspect, Nexpose, Splunk, Nessus, HP Fortify, McAfee SECURE, McAfee Virus Scan, Enterprise, ArcSight Sourcefire, Nagios, Saint, Solarwinds, Remedy, Primavera, Xacta, CSAM.
#J-18808-Ljbffr