Mindlance
Security Engineer III
Mindlance, Washington, District of Columbia, us, 20022
Position Summary:
Title:
Security Engineer IIILocation:
Washington, DC 20005Duration:
6 Months - Long Term
Hybrid Onsite: 2/3 days onsite per week from Day 1.
The candidate should be fully vaccinated.
Summary/Objective:The Security Engineer III will evaluate, implement, maintain, and monitor IT security measures utilized.
The individual in this position is responsible for reviewing both new and existing applications for securityvulnerabilities and compliance.
Essential Duties and Responsibilities:Analyze, build, and maintain
Security Operations tool sets, including vulnerability scanning, log collection/SIEM, and endpoint protectionMaintain
Security Assessment Packages (ATO Documentation, SSPs, Assessment Reports, Risk Calculation, etc.).Evaluate new and existing applications for security compliance and provide recommendations to improve security posture.Analyze remediation efforts of findings related to vulnerability and system configurations.Perform security initiative gap assessments.Implement, test, and maintain defined security solutions.Lead security support for project development and existing applications.Serve as the lead security liaison to IT Operations and program support groups.Serve as an Incident Response resource, responsible for aiding the engineer/analyst in triaging security incidents and keeping the security group manager apprised of the incident status.Serve as a subject matter expert in the development/updates of annual security awareness training, annual developer security training and annual administrator security training.
Education:
Bachelor's degree and/or relevant technical training with no preferred certification.
Experience:
Five (5) to Seven (7) years of directly related experience.One (1) to Two(2) Operational and/or technical business leadership experience.Five (5)+ years' of experience in
IT network security implementation (i.e. firewalls, secure topologies/architectures, SIEM Tools, intrusion detection and analysis, Microsoft UNIX OS security, vulnerability assessments).Five (5)+ years' of experience in working system administration of Unix, Microsoft operating systems, MS Office Professional tools suite, and IT security incident/forensics.Two (2) to Three (3) years' experience in
system baseline configurations, IT security policy and standards development, and POA&M tracking and remediation.Experience with Federal Security Regulations (i.e. OMB Circular A-130, MIST Guidelines), wireless network architecture,web filtering configuration, security information/event manager configuration, antimalware tools, and next-generation firewall experience.
Required:
One (1) or more of the following:CISSP, CISM and/or CISA certification
Preferred:
CCNP, MCSE or equivalent.
Title:
Security Engineer IIILocation:
Washington, DC 20005Duration:
6 Months - Long Term
Hybrid Onsite: 2/3 days onsite per week from Day 1.
The candidate should be fully vaccinated.
Summary/Objective:The Security Engineer III will evaluate, implement, maintain, and monitor IT security measures utilized.
The individual in this position is responsible for reviewing both new and existing applications for securityvulnerabilities and compliance.
Essential Duties and Responsibilities:Analyze, build, and maintain
Security Operations tool sets, including vulnerability scanning, log collection/SIEM, and endpoint protectionMaintain
Security Assessment Packages (ATO Documentation, SSPs, Assessment Reports, Risk Calculation, etc.).Evaluate new and existing applications for security compliance and provide recommendations to improve security posture.Analyze remediation efforts of findings related to vulnerability and system configurations.Perform security initiative gap assessments.Implement, test, and maintain defined security solutions.Lead security support for project development and existing applications.Serve as the lead security liaison to IT Operations and program support groups.Serve as an Incident Response resource, responsible for aiding the engineer/analyst in triaging security incidents and keeping the security group manager apprised of the incident status.Serve as a subject matter expert in the development/updates of annual security awareness training, annual developer security training and annual administrator security training.
Education:
Bachelor's degree and/or relevant technical training with no preferred certification.
Experience:
Five (5) to Seven (7) years of directly related experience.One (1) to Two(2) Operational and/or technical business leadership experience.Five (5)+ years' of experience in
IT network security implementation (i.e. firewalls, secure topologies/architectures, SIEM Tools, intrusion detection and analysis, Microsoft UNIX OS security, vulnerability assessments).Five (5)+ years' of experience in working system administration of Unix, Microsoft operating systems, MS Office Professional tools suite, and IT security incident/forensics.Two (2) to Three (3) years' experience in
system baseline configurations, IT security policy and standards development, and POA&M tracking and remediation.Experience with Federal Security Regulations (i.e. OMB Circular A-130, MIST Guidelines), wireless network architecture,web filtering configuration, security information/event manager configuration, antimalware tools, and next-generation firewall experience.
Required:
One (1) or more of the following:CISSP, CISM and/or CISA certification
Preferred:
CCNP, MCSE or equivalent.