Cayuse Holdings
Sr. IT Security Engineer
Cayuse Holdings, Arlington, Virginia, United States, 22201
Overview
Cayuse Native Hawaiian Veterans (CNHV) provides innovative and flexible solutions to federal government clients, emphasizing excellence in the Asia-Pacific region. CNHV's capabilities, market-relevant service offerings, past performance credentials, and diverse status allow government clients to engage quickly and confidently with CNHV. Core service areas for CNHV include Health & Medical Services, Unexploded Ordnance (UXO), Surface & Underwater Range Clearance, Explosive Ordnance Disposal (EOD), Executive Briefing Teams, Training, Exercise Support, Computer Facilities, and Emergency Management Services.
The Senior IT Security Engineer/Analyst is responsible for leading the implementation and enforcing information systems security policies, standards, and methodologies and assist with preparation and maintenance of documentation. Assist in the evaluation of security solutions to ensure they meet security requirements for processing classified information. Assist with the CM for information system security software, hardware, and firmware. The Senior IT Security Engineer/Analyst oversees the maintenance of records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc. to include system upgrades. Propose, coordinate, implement, and enforce information systems security policies, standards, and methodologies. Develop and maintain documentation for C&A in accordance with ODNI and DoD policies. Provide CM for security-relevant information system software, hardware, and firmware (U) Develop system security policy and ensures compliance. All duties and responsibilities performed in accordance with the Core Values of Cayuse.
Responsibilities
Oversees and evaluates security solutions to ensure they meet security requirements for processing classified information
Maintain operational security posture for an information system or program
Provide support to the Information System Security Manager (ISSM) for maintaining the appropriate operational IA posture for a system, program, or enclave
Develop and update the system security plan and other IA documentation
Oversees and assists with the management of security aspects of the information system and perform day-to-day security operations of the system
Administer the user identification and authentication mechanism of the Information System (IS)
Provides support for a program, organization, system, or enclave’s information assurance program.
Provides support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.
Maintains operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.
Oversees and assists with the management of security aspects of the information system and performs day-to-day security operations of the system.
Evaluate security solutions to ensure they meet security requirements for processing classified information.
Performs vulnerability/risk assessment analysis to support certification and accreditation.
Provides configuration management (CM) for information system security software, hardware, and firmware.
Manages changes to system and assesses the security impact of those changes.
Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
Supports security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF)
Other duties as assigned.
Qualifications
A technical BS degree from an accredited university, or
Certified Information Systems Security Professional (CISSP),and/or Certified Information Systems Auditor, and A minimum of 7 years of experience in performing system and application certifications and accreditations.
Certified Authorization Professional (CAP) certification will be required within 6 months of award, if not CISA.
Advanced practical experience in managing all phases of systems C&A activities ranging from early concept development to system retirement.
Expert in the processes and documentation requirements for numerous C&A methodologies.
Top Secret Security Clearance or the ability to obtain one.
Must be able to pass a background check. May require additional background checks as required by projects and/or clients at any time during employment.
Minimum Skills:
Proven record of learning and adapting new technologies
Time management skills and the ability to communicate effectively with both stakeholders and technical staff.
Able to work independently with minimal supervision as well as working with a team
Solid oral and written communication skills that can be adapted to both the technical, and administrator level.
Strong attention to detail
Proficient with Microsoft Office Suite or related software.
Preferred Qualifications:
Knowledge of National Institute of Standards and Technology Risk Management Framework (NIST RMF).
Strong analytical skills
Advanced practical experience in managing all phases of systems C&A activities ranging from early concept development to system retirement.
Expert in the processes and documentation requirements for numerous C&A methodologies.
Demonstrated experience supporting Government Agencies preferably the Department of State.
Reports to
: Senior Program Manager
Working Conditions
Professional office environment
Must be physically and mentally able to perform duties for extended periods of time. Ability to use a computer and other office productivity tools with sufficient speed to meet the demands of this position.
Must be able to establish a productive and professional workspace.
Must be able to work varying work schedules and/or extended hours to meet business needs and project deadlines.
May be asked to travel for business or professional development purposes.
Other Duties:
Please note this job description is not designed to cover or contain a comprehensive list of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
Affirmative Action/EEO Statement:
Cayuse embraces diversity and equal opportunity in a serious way. We celebrate diversity and are committed to creating and building a team that represents a variety of backgrounds, perspectives, and skills. Cayuse, and all of its subsidiaries, are proud to be an equal opportunity workplace and are an affirmative action employer
.
Pay Range
USD $130,000.00 - USD $180,000.00 /Yr.
Submit a Referral (https://careers-cayuseholdings.icims.com/jobs/1168/sr.-it-security-engineer/job?mode=apply&apply=yes&in_iframe=1&hashed=-1834356743)
Location
US-VA-Rosslyn
ID
102163
Category
Information Technology
Position Type
Full-Time Salary Exempt
Remote
No
Clearance Required
Top Secret
Cayuse Native Hawaiian Veterans (CNHV) provides innovative and flexible solutions to federal government clients, emphasizing excellence in the Asia-Pacific region. CNHV's capabilities, market-relevant service offerings, past performance credentials, and diverse status allow government clients to engage quickly and confidently with CNHV. Core service areas for CNHV include Health & Medical Services, Unexploded Ordnance (UXO), Surface & Underwater Range Clearance, Explosive Ordnance Disposal (EOD), Executive Briefing Teams, Training, Exercise Support, Computer Facilities, and Emergency Management Services.
The Senior IT Security Engineer/Analyst is responsible for leading the implementation and enforcing information systems security policies, standards, and methodologies and assist with preparation and maintenance of documentation. Assist in the evaluation of security solutions to ensure they meet security requirements for processing classified information. Assist with the CM for information system security software, hardware, and firmware. The Senior IT Security Engineer/Analyst oversees the maintenance of records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc. to include system upgrades. Propose, coordinate, implement, and enforce information systems security policies, standards, and methodologies. Develop and maintain documentation for C&A in accordance with ODNI and DoD policies. Provide CM for security-relevant information system software, hardware, and firmware (U) Develop system security policy and ensures compliance. All duties and responsibilities performed in accordance with the Core Values of Cayuse.
Responsibilities
Oversees and evaluates security solutions to ensure they meet security requirements for processing classified information
Maintain operational security posture for an information system or program
Provide support to the Information System Security Manager (ISSM) for maintaining the appropriate operational IA posture for a system, program, or enclave
Develop and update the system security plan and other IA documentation
Oversees and assists with the management of security aspects of the information system and perform day-to-day security operations of the system
Administer the user identification and authentication mechanism of the Information System (IS)
Provides support for a program, organization, system, or enclave’s information assurance program.
Provides support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.
Maintains operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.
Oversees and assists with the management of security aspects of the information system and performs day-to-day security operations of the system.
Evaluate security solutions to ensure they meet security requirements for processing classified information.
Performs vulnerability/risk assessment analysis to support certification and accreditation.
Provides configuration management (CM) for information system security software, hardware, and firmware.
Manages changes to system and assesses the security impact of those changes.
Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
Supports security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF)
Other duties as assigned.
Qualifications
A technical BS degree from an accredited university, or
Certified Information Systems Security Professional (CISSP),and/or Certified Information Systems Auditor, and A minimum of 7 years of experience in performing system and application certifications and accreditations.
Certified Authorization Professional (CAP) certification will be required within 6 months of award, if not CISA.
Advanced practical experience in managing all phases of systems C&A activities ranging from early concept development to system retirement.
Expert in the processes and documentation requirements for numerous C&A methodologies.
Top Secret Security Clearance or the ability to obtain one.
Must be able to pass a background check. May require additional background checks as required by projects and/or clients at any time during employment.
Minimum Skills:
Proven record of learning and adapting new technologies
Time management skills and the ability to communicate effectively with both stakeholders and technical staff.
Able to work independently with minimal supervision as well as working with a team
Solid oral and written communication skills that can be adapted to both the technical, and administrator level.
Strong attention to detail
Proficient with Microsoft Office Suite or related software.
Preferred Qualifications:
Knowledge of National Institute of Standards and Technology Risk Management Framework (NIST RMF).
Strong analytical skills
Advanced practical experience in managing all phases of systems C&A activities ranging from early concept development to system retirement.
Expert in the processes and documentation requirements for numerous C&A methodologies.
Demonstrated experience supporting Government Agencies preferably the Department of State.
Reports to
: Senior Program Manager
Working Conditions
Professional office environment
Must be physically and mentally able to perform duties for extended periods of time. Ability to use a computer and other office productivity tools with sufficient speed to meet the demands of this position.
Must be able to establish a productive and professional workspace.
Must be able to work varying work schedules and/or extended hours to meet business needs and project deadlines.
May be asked to travel for business or professional development purposes.
Other Duties:
Please note this job description is not designed to cover or contain a comprehensive list of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
Affirmative Action/EEO Statement:
Cayuse embraces diversity and equal opportunity in a serious way. We celebrate diversity and are committed to creating and building a team that represents a variety of backgrounds, perspectives, and skills. Cayuse, and all of its subsidiaries, are proud to be an equal opportunity workplace and are an affirmative action employer
.
Pay Range
USD $130,000.00 - USD $180,000.00 /Yr.
Submit a Referral (https://careers-cayuseholdings.icims.com/jobs/1168/sr.-it-security-engineer/job?mode=apply&apply=yes&in_iframe=1&hashed=-1834356743)
Location
US-VA-Rosslyn
ID
102163
Category
Information Technology
Position Type
Full-Time Salary Exempt
Remote
No
Clearance Required
Top Secret