Information Assurance Engineer (Security Compliance)

Location: Gaithersburg, MD
Date Posted: 07-18-2017
Information Assurance Engineer (Security Compliance)

Location:  Gaithersburg, MD

Job Description


* Provide information assurance/information security technology and organizational security engineering
* Support FedRAMP cloud programs
* Provide lifecycle planning, support and development of all aspects of system certification and accreditation (C&A) from initiation through authority to operate (ATO)
* Provide security engineering for system design, risk identification, and implementation of controls, processes, and documentation in accordance with guidelines, policies, strategies and requirements
* Ensure that system security requirements are managed and addressed throughout the system lifecycle thereby ensuring system security compliance and approval for system operation
* Participate in system change technical review process, security requirements testing development and approval, and security assessments that establish and maintain appropriate security posture for the program.

Required Skills

* Demonstrated broad background in information security across a broad range of information security skills and technologies, especially Certification and Accreditation (C&A)
* Familiarity with Information Security directives, regulations, guidance, and controls specific to the US government agencies (e.g. FISMA*based C&A, NIST 800*53, etc.)
*Demonstrated familiarity with one or more of the following: Incident Response, Contingency/Disaster Recovery Planning, Configuration Management
* Demonstrated success in working on large*scale, multi*disciplined programs in large corporate environment
* Ability to communicate security issues and concerns effectively at all levels through effective verbal, presentation, and written communication skills for technical and non*technical audiences
* Demonstrated effective customer relations and proven ability to work across organizational and functional lines
* Demonstrated ability to work well in highly diverse, collaborative, team environment

Desired Skills

* Recognized Information Security/Information Assurance certification (e.g. CISSP, CISM, GSE)
* Experience writing Information Security/Information Assurance documentation (e.g. System Security Plan) and proposal writing
* Experience managing POAMs and Risk Assessments
* Familiarity with various commercial security products, e.g. Network Vulnerability Scanners (Nessus and Foundstone), Application Security Scanners (AppScan), McAfee Suite, CISCO Firewall and IPS, CIS Benchmark
* Comfortable with hands*on, lab activities, including vulnerability scanning, security requirements, and security configuration/customization
* Solid skills in either UNIX (Linux), Windows or both* Demonstrated ability to take initiative and solve complex problems
* Ability to demonstrate creative, thought leadership in security solutions appropriate for customer and program

Certifications

None required. CISSP or cloud security certificate desirable

Clearance

None

Shift

9:00-5:30 (exact hours negotiable)
or
this job portal is powered by CATS