Senior Information Systems Security Engineer
Rockville, MD, USA
Full Time Senior-level / Expert Clearance required USD 75K - 140K *
CSEngineering
Senior Information Systems Security Engineer
**Immediate Opportunity**
CSEngineering is looking to add a Senior Information Systems Security Engineer to our growing team! This position will support the Department of Health and Human Services.
CLIENT OVERVIEW
The Indian Health Service, an agency within the Department of Health and Human Services, is responsible for providing federal health services to American Indians and Alaska Natives. The provision of health services to members of federally recognized tribes grew out of the special government-to-government relationship between the federal government and Indian tribes. This relationship, established in 1787, is based on Article I, Section 8 of the Constitution, and has been given form and substance by numerous treaties, laws, Supreme Court decisions, and Executive Orders. The IHS is the principal federal health care provider and health advocate for Indian people, and its goal is to raise their health status to the highest possible level. The IHS provides a comprehensive health service delivery system for American Indians and Alaska Natives.
JOB RESPONSIBILITIES
Outlined below are the critical requirements for this position:
- Interpret the federal agency Assessment and Authorization Process Manual (AAPM) in determining technical Information Assurance (IA) requirements and ensure proper security implementation of the Risk Management Framework (RMF).
- Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security plan
- Attend the change control board (CCB) meetings.
- Write standard operating procedures (SOP) and security in depth (SID) plans as well as security policies
- Provide cybersecurity education and training for all system users on appropriate risk mitigation strategies.
- Provide recommendations on 800-53 security controls and make develop System Security Plan (SSP), other RMF documents like the PIA, DR/BCP.
- Track and monitor POA&Ms, track vulnerability management, provide solutions to vulnerabilities.
- Formally notify the ISSM of any changes to a system that could affect authorization.
- Report all security-related incidents to the ISSM.
- Other assignments as assigned by the PM depending on the customers IS requirement
REQUIRED QUALIFICATIONS
Security Clearance: Public Trust
- Knowledge of NIST publications and perform the following Risk Management Framework (RMF) processes and procedures to include package development, including POA&Ms (mitigation statements), Continuous Monitoring (ConMon) test results, Security Plans, Risk Assessments, system/site policies, architecture diagrams, and hardware/software inventories.
- Ability to identify security vulnerabilities in a broad spectrum of hardware and software products and provide risk mitigation solutions.
- Demonstrate ability to manage multiple secure programs and assess new areas for compliance.
- Must be eligible to obtain and maintain a Secret clearance
- Must be a United States Citizen
Location: Remote
PREFERRED QUALIFICATIONS
- Bachelor's Degree with 5-8 years of industry experience
- CISSP or CISA
- Sec+
COMPANY OVERVIEW
CSEngineering is a Service Disabled Veteran Owned Small Business (SDVOSB) that was founded in 2002 with the mission of being the best engineering and services firm in our industry while achieving the highest level of client satisfaction. CSEngineering has significant past performance with satellite systems, weapons and missile systems, naval architecture and engineering, aviation systems, and IT and Enterprise Architecture. We have come a long way since we were founded and now also provide services with focuses on logistics, item management, administration, equipment specialization, program management, configuration management, financial management, LAN operations, information technology and maintenance, development and operation of missile system laboratories, the operation of data collection systems, database, and information management support, demilitarization processes and DevSecOps. We could not achieve this without the dedication of our employees to their work and the clients we serve. Additionally, CSE is a Hire Vets Gold Medallion award recipient. The HIRE Vets Medallion Award is the only federal-level veterans' employment award that recognizes a company or organization's commitment to veteran hiring, retention, and professional development. CSEngineering truly values its people, wants them to love their jobs, and to build their careers with us. We are forever dissatisfied with status quo and are always looking for a better way to do things, not so much out of competitiveness, but out of a desire to simply be THE BEST and to lead our industry.
CSE offers a competitive salary and comprehensive benefits package, including medical, dental, life, disability, 401k, and paid time off.
CSE is an equal opportunity employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, or veteran status.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CISA CISSP Clearance Compliance DevSecOps ISSE Monitoring NIST NIST 800-53 Risk assessment Risk management RMF Security Clearance System Security Plan Vulnerabilities Vulnerability management
Perks/benefits: 401(k) matching Competitive pay Health care
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs