Mid Security Engineer

Location: Open, United States
Date Posted: 09-06-2018
Title:                     Mid Security Engineer
Location:               Open, United States (Remote)
Salary:                  DOE
Travel:                  Up to 20%
 
We are seeking a dynamic professional with 5+ years of hands-on cybersecurity experience in performing and/or participating in DoD and/or NIST-based system security assessments, Privacy Assessments, continuous monitoring, and/or other Assessment and Authorization (A&A) activities.
 
Duties and Responsibilities:
  • Develop, assess, and analyze cyber security documentation for client information systems in accordance with FISMA, NIST RMF for Federal Civilian Agencies, RMF for DoD IT, FedRAMP, and departmental standards.
  • Perform system/network vulnerability scanning and analysis using both automated tools and manual techniques. 
  • Assist or lead technical assessments using standard industry tools such as Nessus, DB Protect, WebInspect, ACAS (for DoD), and others.
  • Identify and apply vulnerability remediations, fix procedures, and when necessary mitigation techniques. 
  • Identify and mitigate cyber security risks through formal assessment activities.
  • Lead development of detailed reports based on testing and data analysis.
  • Participate and lead compliance related discussions (this includes in-depth understanding of applicable compliance frameworks, architectures, and security control requirements (technical and non-technical)
  • Work directly with customers to resolve cybersecurity issues and concerns as well as to explain how compliance with various standards and frameworks are achieved.
  • Coordinate the day-to-day activities required to deliver a project on time and within budget.
  • Attend, participate, and lead regular project meetings; communicate and distill information from technical resources during formal and informal meetings.
 
Skills and Qualifications:
Required:
  • 5+ years of experience in performing and/or participating in FISMA based security Assessment and Authorization (A&A) activities.
  • Working-level knowledge of FISMA, NIST/DoD RMF, and NIST SP 800-series publications.
  • Must be sufficiently familiar with typical Federal A&A documentation (e.g., System Security Plans (SSPs), System Assessment Plans (SAPs), System Assessment Reports (SARs), Plan of Actions and Milestones (POAMs), and more) in order to contribute to authorship and/or solely author such documents.
  • Experience using testing tools such as Nessus/ACAS, SCC, DISA STIGs / STIG Viewer, Wire Shark, Flying Squirrel, etc.
  • Exposure to Software Development Lifecycle (SDLC) and related terminology as it relates to Information Security/Information Assurance.
  • Self-motivated and able to work in an independent manner or as part of a client delivery team.
  • Able to write about and discuss technical security issues in a clear, concise manner.
  • Exceptional organizational, planning, and attention to detail skills.
  • Able to work in a fast-paced, deadline-driven, remote environment.
  • Able to travel at least 25% as required for various client engagements.
 
 Desired: 
  • Strong technical background.
  • Experience with FedRAMP and Cloud Computing.
  • Experience working in a service desk environment and supporting customer infrastructure.
  • Coding/Programming experience with one or more of the following tools: Python, Perl, Shell, Bash, Batch, etc.
  • Experience and technical knowledge in security engineering, secure architecture development, system and network security, authentication and security protocols, applied cryptography, and application security.
 
Education:
  • Bachelor’s degree in IT related field or equivalent technical certifications.
 
Certifications:
  • The following certifications (more than one is preferred): Lunarline, Inc. School of Cybersecurity “Certified Expert” certifications, Security+, CISSP, CEH, SFCP, GCIA, ISSEP, ISSMP, GCIH, GCFA, CSLC, CISM, CCNA, CCNP, Network+, CAP, SANS security certifications, etc.
Company Benefits
Full affordable health benefits; Short-term and Long-term Disability; Life Insurance and AD&D Insurance paid for by Lunarline; 401(k) retirement plan with employer safe harbor matching - IMMEDIATE VESTING; Tuition and Certification Reimbursements; All federal holidays paid

Disclaimer
Lunarline is an equal opportunity employer. It is the policy of Lunarline that all employees and applicants for employment will be treated in all respects on the basis of their merit and qualifications and without regard to their race, color, national origin, age, disability, sexual orientation, religion, gender, military status, marital status or ancestry.
Lunarline participates in the E-Verify program. Therefore, any employment with Lunarline will also be contingent upon confirmation from the Social Security Administration ("SSA") and/or the Department of Homeland Security ("DHS") of your authorization to work in the United States. 
The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed.
or
this job portal is powered by CATS