ECS
Security Engineer
ECS, Fairfax, Virginia, United States, 22032
ECS is seeking a
Security Engineer
to work in our
Fairfax, VA
office / remote.
ECS is seeking talented professionals to join our successful and growing team in building the next-generation Continuous Diagnostics and Mitigation (CDM) Cyber data solution. The CDM Program is the Cybersecurity and Infrastructure Security Agency's (CISA) dynamic approach to strengthening the cybersecurity of Federal networks and systems through better awareness and visibility into their security posture and cyber threats. ECS is responsible for designing, building, deploying, operating, and maintaining a complete 'Data Services' solution which includes the collection, normalization, visualization, and sharing of cyber data from more than 100 Federal agencies. The CDM Data Services product is an integrated suite of multiple Commercial Off the Shelf (COTS) products, software configuration packages, and custom code which work together to operate as an integrated solution tailored to meet Department of Homeland Security (DHS) requirements.
We are seeking professionals who thrive in a dynamic, fast-paced, and highly collaborative environment where problem-solving, critical thinking, and a holistic approach to serving the mission are key. Our program operates within the Scaled Agile Framework (SAFe). An aptitude and enthusiasm for continuous learning, improvement, and cyber security is a must!
The Security Engineer will apply their knowledge to scrutinize the security architecture, implementation, deployment, and operations of the CDM Dashboard and define/implement plans of action, processes, and procedures. As a Security Engineer, you will have opportunities to master and serve as a reference in one or more technical domains such as network protocols/security, software engineering, virtualization, and operating systems. This individual will be responsible for evaluating the security of the dashboard under this new program initiative in order to satisfy program requirements, and prevent attack, damage, or unauthorized access. You will also support ECS and DHS customers in security-related areas and become, or continue to be, a recognized industry expert in your field. Specific responsibilities include but are not limited to:
Providing security technical expertise for processes and procedures across the CDM program Providing technical expertise for all CDM program security matters in technical domains such as network protocols/security, hardware security, software engineering, virtualization, and operating systems Providing technical expertise and management in order to maintain DHS Authority to Operate (ATO) of the CDM program. Applying their in-depth knowledge to scrutinize the security architecture, implementation, deployment, and operations of the CDM program and define/implement plans of action, processes, and procedures. Evaluating the security of the CDM program to satisfy DHS security controls, program requirements, and prevent attack, damage, or unauthorized access Participate in operational security tasks such as Incident Response, System Monitoring, and Continuous Monitoring practices Salary Range: $117,000 - $175,000
General Description of Benefits
US citizenship with ability to obtain Public Trust Suitability 4+ years of experience In-depth understanding of general information security concepts and principles, system architectures and development, network protocols, etc. In-depth experience with supporting system DHS Authority to Operate (ATO) processes and creating artifacts, control implementation details, and POAMs In-depth experience with Information Security Continuous Monitoring (ISCM), RMF automation, and Comply to Connect In-depth experience with National Institute of Standards and Technology (NIST) security controls, the Governance, Risk Management, and Compliance (GRC) security documentation tool, Risk Management Framework (RMF), and security compliance processes. Experience scrutinizing and providing solutions to ensure code in CI/CD pipelines adheres to ATO security requirements. Experience implementing industry standard security best practices for Kubernetes and Docker. In-depth experience with Federal Information Security Management Act (FISMA) and Federal Information System Controls Audit Manual (FISCAM) criteria. In-depth experience with relationship building and maintenance as it relates to internal and external team members, certification authorities, ISSOs and ISSMs and customers Ability to analyze authorization documents and associated artifacts against authorization requirements to identify gaps, establish a schedule to address outstanding authorization requirements, and coordinate directly with system team stakeholders Ability to analyze vulnerability assessment data to identify technical risks to the organization Ability to work across multiple disciplines Eagerness to dig into technical questions and problems, enthusiasm, good customer interface skills, positive attitude, strong communication skills (written and verbal), and effective teamwork and technical collaboration skills Note: Fairfax, VA office with option to work remotely
Security Engineer
to work in our
Fairfax, VA
office / remote.
ECS is seeking talented professionals to join our successful and growing team in building the next-generation Continuous Diagnostics and Mitigation (CDM) Cyber data solution. The CDM Program is the Cybersecurity and Infrastructure Security Agency's (CISA) dynamic approach to strengthening the cybersecurity of Federal networks and systems through better awareness and visibility into their security posture and cyber threats. ECS is responsible for designing, building, deploying, operating, and maintaining a complete 'Data Services' solution which includes the collection, normalization, visualization, and sharing of cyber data from more than 100 Federal agencies. The CDM Data Services product is an integrated suite of multiple Commercial Off the Shelf (COTS) products, software configuration packages, and custom code which work together to operate as an integrated solution tailored to meet Department of Homeland Security (DHS) requirements.
We are seeking professionals who thrive in a dynamic, fast-paced, and highly collaborative environment where problem-solving, critical thinking, and a holistic approach to serving the mission are key. Our program operates within the Scaled Agile Framework (SAFe). An aptitude and enthusiasm for continuous learning, improvement, and cyber security is a must!
The Security Engineer will apply their knowledge to scrutinize the security architecture, implementation, deployment, and operations of the CDM Dashboard and define/implement plans of action, processes, and procedures. As a Security Engineer, you will have opportunities to master and serve as a reference in one or more technical domains such as network protocols/security, software engineering, virtualization, and operating systems. This individual will be responsible for evaluating the security of the dashboard under this new program initiative in order to satisfy program requirements, and prevent attack, damage, or unauthorized access. You will also support ECS and DHS customers in security-related areas and become, or continue to be, a recognized industry expert in your field. Specific responsibilities include but are not limited to:
Providing security technical expertise for processes and procedures across the CDM program Providing technical expertise for all CDM program security matters in technical domains such as network protocols/security, hardware security, software engineering, virtualization, and operating systems Providing technical expertise and management in order to maintain DHS Authority to Operate (ATO) of the CDM program. Applying their in-depth knowledge to scrutinize the security architecture, implementation, deployment, and operations of the CDM program and define/implement plans of action, processes, and procedures. Evaluating the security of the CDM program to satisfy DHS security controls, program requirements, and prevent attack, damage, or unauthorized access Participate in operational security tasks such as Incident Response, System Monitoring, and Continuous Monitoring practices Salary Range: $117,000 - $175,000
General Description of Benefits
US citizenship with ability to obtain Public Trust Suitability 4+ years of experience In-depth understanding of general information security concepts and principles, system architectures and development, network protocols, etc. In-depth experience with supporting system DHS Authority to Operate (ATO) processes and creating artifacts, control implementation details, and POAMs In-depth experience with Information Security Continuous Monitoring (ISCM), RMF automation, and Comply to Connect In-depth experience with National Institute of Standards and Technology (NIST) security controls, the Governance, Risk Management, and Compliance (GRC) security documentation tool, Risk Management Framework (RMF), and security compliance processes. Experience scrutinizing and providing solutions to ensure code in CI/CD pipelines adheres to ATO security requirements. Experience implementing industry standard security best practices for Kubernetes and Docker. In-depth experience with Federal Information Security Management Act (FISMA) and Federal Information System Controls Audit Manual (FISCAM) criteria. In-depth experience with relationship building and maintenance as it relates to internal and external team members, certification authorities, ISSOs and ISSMs and customers Ability to analyze authorization documents and associated artifacts against authorization requirements to identify gaps, establish a schedule to address outstanding authorization requirements, and coordinate directly with system team stakeholders Ability to analyze vulnerability assessment data to identify technical risks to the organization Ability to work across multiple disciplines Eagerness to dig into technical questions and problems, enthusiasm, good customer interface skills, positive attitude, strong communication skills (written and verbal), and effective teamwork and technical collaboration skills Note: Fairfax, VA office with option to work remotely