Maryland Green Jobs

Maryland Mobile Logo

Job Information

Arena Technical Resources, LLC Information Assurance Engineer in Suitland, Maryland

Job ID

12062

Location

Suitland, MD

Category

Cyber, IA, C&A

Hourly Pay

105000.00 - 120000.00

Annual Pay

-

Number Required

N/A

Information Assurance Engineer

Apply

NEW SEARCH

In Suitland, MD

Job DescriptionClearance:

Public Trust or Clearable for a Public Trust

Job Purpose:

Information assurance engineer provides subject matter expertise to client’s system development projects. S/he is responsible for advising teams on security best practices, regulations, and requirement. S/he will assist project teams in maintaining an appropriate security posture and attaining appropriate security authorizations and approvals.

Responsibilities:

  • Review proposed new systems, networks, and software for potential security risks

  • Review security related product selection and implementation activities

  • Participate and provide security SME guidance in Vendors Source Selection process ¢ Define the scope and level of detail for security plans applicable to the system

  • Identify need for changes based on new security technology and evolving threats

  • Analyze change requests to the system for security posture impact/updates

  • Have experience in and Support the Organizational Assessment & Authorization (A&A) process for existing and new systems

  • Identify & generate Security Artifacts for A&A

  • Review and recommend approval of systems FIPS 199, FIPS 200, and E-Authentication

  • Prepare and provide System Security Plan for the system

  • Coordinate Security Test and Evaluation events between involved stakeholders

  • Participate in Security Test and Evaluation process and Review ST&E report

  • Perform Vulnerability Assessment review and generate reports for System Owner and stakeholders

  • Perform and provide vulnerability assessment results and recommendations

  • Assess known systems vulnerabilities and verifying system hardening and patching activities to ensure compliance with applicable Security Requirements and related checklists

Qualifications:

  • Must be a US citizen

  • Clearable for High Risk Positions of Trust

  • Must have a current Certified Information Systems Security Professional (CISSP) Certificate

  • Ability to interface with customers of various levels, to include but not be limited to Program Management Office (PMO), Authorizing Officials, Information System Owners, Independent Security Assessment Team and Technical system personnel

  • Excellent verbal/written communication skills

  • Excellent interpersonal skills

  • Able to work in a team environment

  • Understanding of Systems Engineering requirements, specifications, and demonstrated experience implementing Federal A&A Processes, assessing and validating compliance with security controls and developing and maintaining associated documentation.

  • Have detailed knowledge of the latest versions of the National Institute of Standards and Technology {NIST} Special Publications (SP) 800-18, 800-30, 800-37, 800-39, 800-53, 800-53A, 800-60, etc.

  • Have experience with identification, documentation, and testing of security controls for information technology systems in accordance with the above NIST guidance

  • Have experience with identification of security risks (threat/likelihood/impact) to the system, networks, and organization and documenting risks for management review

  • Have experience with the System Development Life Cycle (SDLC) and the activities associated within each phase. © Knowledge of NOAA/NESDIS a plus.

  • Have experience with analyzing vulnerabilities and providing guidance on secure IT implementation of various operating systems (e.g. Windows, Unix, Linux, and Mac)

  • Have experience with analyzing vulnerabilities and providing guidance on secure IT implementation of various applications (e.g. Oracle, SQL Server, Apache, IIS)

  • Have experience with analyzing vulnerabilities and providing guidance on secure IT implementation of network devices (e.g. switches, routers, firewalls)

  • Have experience with analyzing vulnerabilities and providing guidance on secure architecture design of various applications (e.g. internal-only, publicly available)

  • Experience serving as an ISSO for a federal government system is a plus

  • Experience conducting cybersecurity audits of Federal Systems to ensure appropriate implementation and security compliance

  • Working knowledge of cyber security toosets

Educational Requirements:

  • BS or equivalent and 5+ years of related experences, of MS and 4+ years of related experience Bachelor's degree in Computer Science, Information Systems, Engineering, Information Technology, or other related discipline from an accredited college or university is required.

  • Must have an active CISSP Certification

DirectEmployers