AbleVets

  • Senior System Security Engineer

    Job Locations US-VA-Rosslyn
    Job ID 2018-2120
  • Overview

    AbleVets, LLC, is a fast-growing Service Disabled Veteran Owned Small Business (SDVOSB) providing healthcare information technology services and resources to help the Veterans Affairs (VA) and Department of Defense (DoD) improve the lives of the people they serve. AbleVets, has an opportunity available for an experienced energetic, motivated, Senior System Security Engineer to support our Electronic Health Record Modernization program for the VA. The successful candidate will be responsible for providing system security engineering and cybersecurity support particularly in the area of system interfaces.

     

    Essential Functions and Job Responsibilities

    The System Security Engineer has IT experience with NIST guidelines, federal cybersecurity policy and security engineering principles. The successful candidate must be well versed in applicable laws and standards such as HIPPA and HITECH to implement secure applications and networks. They must have familiarity and experience in the implementation of cyber security requirements in accordance with FISMA and FedRAMP guidelines. Duties and responsibilities may include, but are not limited to:

     

    • Develop security requirements and considerations for system connections/interfaces in the form of a formalized document
    • Support the definition and refinement of a standardized process/framework to integrate security considerations into the development of 20+ system interfaces for the program
    • Ability to perform security analysis to determine gap, compensating/mitigating controls, and residual risk
    • Identify security risks through the security impact analysis, system risk assessments and technology security risk reports.
    • Apply knowledge of security principles, policy, and regulations to daily tasking working with development teams and ensure proper security controls/requirements are incorporated into the design/development process
    • Implement the Cyber Security requirements of IT systems and applications documenting them in formal security engineering documents using Risk Management Framework and supporting artifacts associated with risk assessments.
    • Organize, develop, and present security briefings, written summaries, and written reports incorporating narrative, tabular and/or graphic elements on security assessments, whitepapers relating to computer and network security technologies and tools.
    • Effectively and efficiently communicate and collaborate with external and internal stakeholders to ensure security is ‘built in’ the program
    • Analyze security evaluation tool results from Tenable Nessus, Nmap, Wireshark and Metasploit – as needed

    Qualifications

    • Bachelor’s Degree or higher in computer science, electronics engineering, or other engineering or technical discipline. An additional six (6) years of related experience may be substituted for education requirement
    • At least ten (10) plus years of related experience, including experience with:
      • Networking concepts, protocols and security methodologies
      • NIST 800-53rev4, NIST 800-37; FISMA and FedRAMP requirements
    • DISA Security Requirements Guides (SRGs), Security Technical Implementation Guide (STIGs), and Center for Internet Security (CIS) Benchmarks
    • One or a combination of the following experience in administration/engineering of operating systems, database systems, and network systems
    • Expert technical knowledge of risk management, and information security concepts and technologies
    • Experience with security document development/management and familiarity with security and privacy rules
    • Excellent verbal and written communication skills
    • Excellent written skills for preparing reports and briefings
    • Excellent analytical and problem-solving skills
    • Ability to facilitate and coordinate efforts with key government and non-government stakeholders
    • Ability to obtain a Public Trust clearance

    Preferred/Desired Skills:

    • CISSP or ISSEP or CCSP

    EEO Statement

    AbleVets LLC appreciates your interest in our company as a place of employment.  We are proud to be an equal opportunity/affirmative action employer and are committed to hiring and retaining a diverse workforce.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability, veteran status, or any other protected class.  AbleVets is a VEVRAA Federal Contractor. 

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed