Security Engineer
Job description
- Provides support to plan, coordinate, and implement the organization's information security in a DoW RMF environment, supporting low code application platforms.
- Provides support for facilitating and helping agencies identify their current security infrastructure and define future programs, design and implementation of security related to IT systems.
- Oversees the efforts of the contractor security staff to design, develop, engineer and implement solutions to security requirements.
- Responsible for the implementation and development of the DHS IT security.
- Gathers and organizes technical information about an organization's mission goals and needs, existing security products, and ongoing programs in the MLS arena.
- Performs risk analyses, which also include risk assessment.
- Provides support to plan, coordinate, and implement the organization's information security.
- A working knowledge of several of the following areas is required:
  - Understanding of business security practices and procedures;
  - Knowledge of current security tools available;
  - Hardware/Software security implementation;
  - Different communication protocols;
  - Encryption techniques/tools;
  - Familiarity with commercial products, and current Internet/EC technology.
- Provides daily supervision and direction to staff.
Key Tasks:
- Provide support to plan, coordinate, and implement the organization's information security.
- Conduct security compliance verification and assessment.
- Understand and interpret different security controls.
- Review application architecture and technology stack, including COTS and GOTS platforms, to assess security vulnerabilities.
- Assess application security compliance with DoD STIG and IAVA standards.
- Conduct security map and gap analysis.
- Provide security finding assessment report, resolution implementation plan, and level of effort.
- Identify and propose security finding remediation solutions.
- Perform risk analyses, which also include risk assessment.
- Complete pertinent security and information assurance documentation.
Requirements
- Understanding of DoD system security accreditation process and DISA STIGs.
- Understanding of CCRI Audit and CGCYBER OPORD policies.
- Computer Science, Information Security, System Engineer or other technical Master's Degree
- ISC2 CGRC Certified Governance Risk and Compliance
- Must meet position and certification requirements outlined in DoD Directive 8570.01-M for IAT Level II
- At least 6 years of experience working as Security or IA Analyst supporting the DoD or other federal agencies.
- Detail-oriented individual
- Experience creating security implementation plans and schedules.
- Experience creating and managing POA&Ms that address security compliance issues.
- Experience creating security finding assessment report and remediation solution proposal.
- Understanding of web application firewall enforcement.
- Understanding of PKI certificate implementation and configuration.
- Experience managing security compliance requirements related to Personally Identifiable Information (PII).
- Experience working as Systems Administrator/Database Administrator with familiarity working on diverse platforms such as UNIX, Linux, Windows, SQL Server, or Oracle is desirable.
- A working knowledge of several of the following areas is required:
  - Understanding of business security practices and procedures;
  - Knowledge of current security tools available;
  - Hardware/Software security implementation;
  - Different communication protocols;
  - Encryption techniques/tools;
  - Familiarity with commercial products, i.e. COTS and GOTS
US citizenship and the ability to obtain and maintain federal clearance is required.
Citizenship or Work Authorization Required: US Citizen
Preferred Education & Experience: 6 years of experience and a Bachelor's Degree.
Compensation for roles at Synergy varies depending on a wide variety of factors including but not limited to the requirements of the role; education and certifications; knowledge, training, skills and abilities; level of experience; geographic location; and alignment with market data, law, and other business and organizational needs. As required by local law, the posted pay range represents the lowest to the highest pay that Synergy believes in good faith it might pay for this particular job, depending on the circumstances. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. It is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case.
A reasonable estimate of the current pay range is: $70K - $100K.
Essential Job Function Physical Requirements: The physical requirements of this position are critical in evaluating the qualifications and abilities of an applicant or employee. The physical efforts needed to perform the essential duties of this job 90% of the time are repetitive motions, grasping, holding, and finger dexterity of the hands, reading, writing, eye-hand coordination, color distinction, and full visual abilities, hearing, talking, sitting, and use of IT equipment, phones, and office machines.
To a reduced degree, <30% of the time, candidates may have to stand, walk, lift 0-30 pounds, push or pull objects, climb stairs, bend, squat, reach, drive a car, or work overtime.