AbleVets

  • Senior Systems Security Engineer

    Job Locations US-VA-Chantilly
    Job ID 2018-2195
  • Overview

    AbleVets, LLC, is a fast-growing Service Disabled Veteran Owned Small Business (SDVOSB) providing healthcare information technology services and resources to help the Veterans Affairs (VA) and Department of Defense (DoD) improve the lives of the people they serve. AbleVets, has an opportunity available for an experienced energetic, motivated, Senior Cyber Security Engineer to support our VA customer.

    Essential Functions and Job Responsibilities

    The successful candidate will be responsible for providing system security engineering and Cybersecurity support to the VA. The system security engineer has IT experience with NIST 800-37,” Guide to Applying Risk Management Framework to Federal Information Systems,” NIST 800-53rev4 “Security and Privacy Controls for Federal Information Systems and Organizations,” NIST 800 160 “Systems Security Engineering Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems,”  NIST 800-70 “National Checklist Program for IT Products – Guidelines for Checklist Users & Developers,” federal cybersecurity policy and security engineering principles. This candidate must be well versed in applicable laws and standards such as HIPPA and HITECH to implement secure applications, and networks. They must have familiarity and experience in the implementation of cyber security requirements to follow FISMA and FedRAMP guidelines. 

    Duties and responsibilities may include but are not limited to:

    • Implement the Cyber Security requirements of IT systems and applications documenting them in formal security engineering documents using Risk Management Framework and supporting artifacts associated with risk assessments.
    • Ability to perform security analysis to determine gap, compensating/mitigating controls, and residual risk
    • Identify security risks through the security impact analysis, system risk assessments and technology security risk reports.
    • Implement IT security solutions and assures successful implementation
    • Apply knowledge of security principles, policy, and regulations to daily tasking
    • Conduct security compliance evaluations on IT products using all source analysis, test lab, and apply test results to create secure configuration guidelines and baselines.
    • Analyze security evaluation tools results from Tenable Nessus, Nmap, Wireshark and Metasploit
    • Assess operating system and security configuration guideline into images for IT products initialization and deployment within the infrastructure
    • Apply knowledge of security principles, policy, and regulations to daily tasking
    • Experience working in the FedRAMP cloud environment understanding IaaS, PaaS, and SaaS regarding cloud service provider security control responsibilities and customer responsibilities
    • Organize, develop, and present security briefings, written summaries, and written reports incorporating narrative, tabular and/or graphic elements on security assessments, whitepapers relating to computer and network security technologies and tools.
    • Effectively and efficiently communicate and collaborate with external and internal customers of any hardware and software configuration changes that adversely affect any current system security and their configurations or violates policy

    Qualifications

    • Bachelor’s Degree or higher in computer science, electronics engineering, or other engineering or technical discipline is required. An additional six (6) years’ experience may be substituted for degree requirement.
    • At least ten (10) years of related experience, including experience with:
      • Networking concepts, protocols and security methodologies
      • NIST 800-53rev4, NIST 800-37; FISMA, and FedRAMP requirements
      • Resource management principles and techniques to meet deliverables deadlines efficiently to provide quality products.
      • DISA Security Requirements Guides (SRGs), Security Technical Implementation Guide (STIGs), and Center for Internet Security (CIS) Benchmarks
    • Must have technical knowledge using network security scanners, SCAP scans, vulnerability scanners, packet analyzers, and penetration testing methods.
    • One or a combination of the following experience in administration/engineering of operating systems, database systems, and network systems
    • Risk Management Framework RMF

      Assess & Authorize A&A vs C&A

    • Expert technical knowledge of risk management, and information security concepts and technologies
    • Experience with Cyber Security document management and familiar with security and privacy rules
    • Excellent verbal communication skills
    • Excellent written skills for preparing reports and briefings
    • Excellent analytical and problem-solving skills
    • Ability to facilitate and coordinate efforts with key government and non-government stakeholders
    • Self-starter that can work under general direction in a highly collaborative, team-based environment
    • S. Citizenship is required as is successfully passing a thorough Government background screening process requiring the completion of detailed forms and fingerprinting
    • Ability to obtain a Public Trust
    • Previous Government contracting work experience

    Preferred / Desired Skills:

    • CISSP, CEH, Security +, CCSP, ISSEP

    EEO Statement

    AbleVets LLC appreciates your interest in our company as a place of employment.  We are proud to be an equal opportunity/affirmative action employer and are committed to hiring and retaining a diverse workforce.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability, veteran status, or any other protected class.  AbleVets is a VEVRAA Federal Contractor. 

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed