Loading some great jobs for you...
BITHGROUP Technologies Inc. is seeking a Cyber Security Project Engineer for a project in Reston, VA. The successful candidate will provide project risk analysis and policy support in the domain of information assurance. This position shall support the Sponsor's System Security and have an understanding of Accreditation and Authorization (A&A), network security and AWS cloud services.
This position requires a TS/SCI clearance.
The Cyber Security Project Engineer shall be required to work with the Sponsor to:
Provide analysis of vulnerability results and suggesting mitigation plans for security problems.
Use and evaluate vulnerability tools such as, Nessus, AppDetective and WebInspect.
Use and evaluate incident response tools such as, HP Fortify and McAfee ePO.
Use and evaluate auditing tools such as Splunk.
Understand cloud based infrastructure as a service technologies (Amazon Web Services experience preferred).
Assist in the evaluation and analysis of AWS cloud services and tools from a security risk perspective.
Assist in providing security guidance for internal Sponsor documentation.
Provide analysis of vulnerabilities identified by compliance tools.
Conduct TEM's to verify and validate systems against NIST, RMF Sponsor internal security regulations.
Assist in researching, evaluating, and developing relevant Information Security policies and guidance.
Actively participate in or lead technical exchange meetings and application review boards, documenting actions items/results of these events.
Brief management, as needed, on the status of the system and/or risk mitigation activities.
Assess/calculate risk based on threats, vulnerabilities, and shortfalls uncovered in testing and provide recommendations for risk decisions to Sponsor.
Identify mitigating countermeasures to identified threats, vulnerabilities, and shortfalls.
Provide enhancement capabilities and SOPs to assessment operations for execution and implementation.
Required skills and demonstrated experience:
TS/SCI clearance required
Demonstrated experience in understanding, applying, and testing IT systems against NIST 800-53/A and (DISA) Industry Standards.
Demonstrated experience with cyber security policies and guidance, and research, evaluation, and development of relevant security policies and guidance.
Demonstrated experience providing analysis of vulnerability results and suggesting mitigation plans for security problems.
Demonstrated experience using Nessus, AppDetective and WebInspect.
Demonstrated experience using HP Fortify, McAfee ePO and other incident response tools.
Demonstrated experience using auditing tools such as Splunk.
Demonstrated experience using Linux, Windows, Wireless and Virtual Platforms.
Demonstrated experience with cloud based infrastructure as a service technologies (Amazon Web Services experience preferred).
Demonstrated experience securing and providing risk mitigations for systems and applications in the AWS cloud environment.
Other demonstrated experiences which are highly desired, though not required, include:
Experience and knowledge of the Microsoft Cloud (Azure).
System configuration, development and design, specifically around enterprise systems.
Experience with written and oral communication skills in responding to email, telephone and/or in person inquiries from organizational personnel.
At least one of the following certifications is highly desired: ISACA Certified Information Systems Auditor (CISA); Certified Authorization Professional (CAP); ISC Certified Cloud Security Professional (CCSP); Certified Information Systems Security Professional (CISSP); ISACA Certified Information Security Manager (CISM)PMI Project Management Professional (PMP) certification; Relevant hands-on technical certification (e.g., Microsoft MCSE); ITIL Foundation certification; Oracle Database Introduction to SQL; Certificate of Cloud Security Knowledge (CCSK).
Launch your career - Create your profile now!Create your Profile
Loading some great jobs for you...