Coalfire Federal
Information System Security Engineer (ISSE) - Hybrid
Coalfire Federal, Washington, District of Columbia 20036
About Coalfire Coalfire Federal is a market leading cybersecurity consultancy firm that provides independent and tailored advice, assessments, technical testing and a full suite of cyber engineering services to Federal agency customers. Coalfire Federal along with its parent company, Coalfire, has an unparalleled client list with deep customer relationships with leading cloud and technology providers including Amazon, Microsoft, IBM, Google and Oracle and Federal agencies. Coalfire has been a cybersecurity thought leader for over 20 years and has offices throughout the United States and Europe and is committed to making the world a safer place by solving our clients' toughest security challenges. But that's not who we are - that's just what we do. We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. We're on the lookout for a Information System Security Engineer (ISSE) / System Security Engineer to support our Federal team. Location Our clientele is largely in the government space, primarily within the Washington, D.C. / Maryland / Northern Virginia (DMV) areas. While we do offer opportunities that are remote, hybrid, or on-site - a position location and travel may vary based on client needs, and so local candidates may be preferred. What you'll do Provide security system engineering and security architectural design support services for Azure and custom application development (.Net, SharePoint. Python and Drupal). Support identification and documentation of operations solutions in line with NIST security controls, and client requirements. Create security rules (alerts) that trigger on anomalous activities or threat detections. Development, deployment, or administration of VMware, RSA NetWitness, Cisco StealthWatch or similar tools. Manage virtual server resources including performance, capacity, availability, serviceability, and recoverability. Support the agency with meeting NIST SP 800-37 Risk Management Framework (RMF) requirements. Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level. Support Configuration Control Board, and Technical Review board to review cybersecurity requirements and countermeasures for systems and/or applications. Support cybersecurity testing and analysis of developed applications and/or systems. Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities. Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan. Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities. Assess the effectiveness of cybersecurity measures utilized by system(s). Design hardware, operating systems, and software applications to adequately address cybersecurity requirements. Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle. What you'll bring Experience working with cloud services such as AWS, Azure and O365 and cloud access security brokers. Experience in the use of network monitoring tools with a strong understanding of network protocols. Ability to perform security analysis, development and implementation of security policies, standards, and guidelines. Ability to quickly explore, examine and understand complex security problems and how it affects a customer's business. Host/network access control mechanisms (e.g., access control list, capabilities lists). Cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data. Vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins). Incident response and handling methodologies. Intrusion detection methodologies and techniques for detecting host and network- How traffic flows across the network (e.g., transmission control protocol [TCP] and internet protocol [ip], open system interconnection model [osi], information technology infrastructure library, current version [ITIL]). System and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, procedural language/structured query language [pl/sql] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). System life cycle management principles, including software security and usability. Information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures. Critical infrastructure systems with information communication technology that were designed without system security considerations. Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). Educatio Completed Bachelor's degree from an accredited university is required, preferably in an IT related field. Clearance / Suitability Ability to obtain a clearance or a Public Trust is preferred, however all clearance levels and non-cleared applicants will also be considered. Certifications Our aim is to build a technologically diverse team - so while we don't have a set list, there may be certain benchmarks we look for that apply to your expertise. We recommend checking out the DoD Approved 8570 Baseline Certifications as an example. Preferred certifications typical for roles in our federal delivery services may include: CEH, CISA, CISSP, CISM, cloud certifications, or other industry recognized certification. Years of Experience At least 5 to 7 years of expereience related to the qualifications above, including work with security monitoring tools such as IDS/IPS, FWs and NACs and protocols such as NetFlow (Snort, Bro, Palo Alto, Checkpoint, Cisco ISE, FireEye, Gigamon). Bonus Points Development, deployment, or administration of Splunk. Why you'll want to join us Our people make Coalfire Federal great. We work together on interesting things and achieve exceptional results. We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve. Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets. Regardless of location, you'll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You'll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. You'll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support memberships, and comprehensive insurance options. Coalfire is an EEO employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.