Security Engineer/IA Engineer
Novetta is seeking an Information System Security Engineer to support a fast paced, innovative project located in the Reston VA area. This position will manage security accreditation for unclassified and classified compute environments hosted on U-C2S, and C2S. Apply information system security standards to novel data science tools and analytics as they move from prototype to production. Determine applicable security requirements such as INT overlays and System Security Plan (SSPs). Maintain security posture of information systems, including C2S cloud environments. Manage the full lifecycle of, and workflows for, security accreditation projects under the ICD503 Rev. 4 Framework using the ICD503 Rev. 4 Framework. Obtain IC reciprocity for security accreditation projects
- Provide security design analysis and infrastructure auditing for products and services and participate in the iterative design process in order to identify vulnerabilities, risks and choices that would lead to increased risk down the road early and throughout the product lifecycle.
- Develop Security reference architectures for common patterns that result in unnecessary risk.
- Document and communicate these reference architectures to teams and advocate for their adoption to mitigate risk.
- Develop policies and guidelines to make it easier for non-security minded people to understand what to ensure their products do and don’t do.
- Establish organization-wide web security and TLS standards, and, in partnership with operations teams and developers, automated processes to assess and enforce those standards.
- Conduct vulnerability assessments and monitor systems, networks, databases and Web-based assets for potential system breaches.
- Recommend and implement changes to enhance security systems and prevent unauthorized access.
- Respond to alerts from information security tools.
- Report, investigate, and resolve higher level security incidents.
- Research security trends, new methods, and techniques used in unauthorized access of data in order to preemptively eliminate the possibility of system breach.
- Supports the security architect in the development and maintenance of security standards including, but not limited to, network infrastructure, wireless and mobile infrastructure, operating systems, databases, applications, and emerging technologies.
- Understands current as well as emerging security threats.
- Identifies security architecture capabilities and design security architecture patterns to mitigate threats.
- Assesses emerging technologies against security architecture to determine where they fill gaps, overlap with existing solutions or extend capabilities.
- Reviews existing and proposed architectures, identify security design gaps, and recommend changes or enhancements.
- Must have TS/SCI with Poly
- BS and 8 – 12 years of prior relevant experience in a security engineering role.
- Proven expertise in assessing security risks, presenting security topics to people outside of security, analyzing software and system design to identify security vulnerabilities, and policy development.
- Knowledge of state of the art vulnerabilities and attack techniques, and a depth of technical expertise with designing and building tooling to scale your influence and impact. Outstanding interpersonal skills to partner with teams across the organization and support them in reducing their risk.
- Practical experience working with cloud technologies, such as Amazon Web Services, Google Cloud Platform, Microsoft Azure, etc.
- Superb communication skills; ability to work effectively with diverse company partners.
- Proven experience in performing administration functions of Linux/UNIX & Windows systems, network, firewall, and DNS experience.
- Demonstrated working knowledge of vulnerability assessment tools.
- Proven ability to work effectively both independently and/or in a team setting.
- Ability to communicate technical information to a non-technical audience.
- Excellent communication skills, both oral and written
- Provide mentorship and on the job training (OTJ) to junior and/or lesser experienced personnel.
- Active TS/SCI w. Poly
Novetta, from complexity to clarity.
Novetta delivers highly scalable advanced analytics and secure technology solutions to address challenges of national and global significance. Focused on mission success, Novetta pioneers disruptive technologies in machine learning, data analytics, full-spectrum cyber, cloud engineering, open source analytics, and multi-INT fusion for Defense, Intelligence Community, and Federal Law Enforcement customers. Novetta is headquartered in McLean, VA with over 1,300 employees across the U.S.
Our culture is shaped by a commitment to our core values:
Integrity • We hold ourselves accountable to the highest standards of integrity and ethics.
Customer Success • We strive daily to exceed expectations and achieve customer mission success.
Employee Focus • We invest in our employees’ professional development and training, respecting individuality, and fostering a culture of diversity and inclusion.
Innovation • We know that discovering new and innovative ways to solve problems is critical to our success and makes us a great company.
Excellence in Execution • We take pride in flawless execution as we build a company that is best in class.
Earn a REFERRAL BONUS for the qualified people you know.
For more details or to submit a referral, visit bit.ly/NovettaReferrals.
Novetta is an equal opportunity/affirmative action employer.
All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.
Explore more Information Security career opportunities
- Open Senior Infrastructure Security Engineer Jobs
- Open Threat Intelligence Response Analyst Jobs
- Open SOC Analyst Jobs
- Open Senior Penetration Tester Jobs
- Open Principal Security Engineer Jobs
- Open Information Security Architect Jobs
- Open IT Security Engineer Jobs
- Open Information Security Officer Jobs
- Open Staff Security Engineer Jobs
- Open Vulnerability Analyst Jobs
- Open Personnel Security Officer Jobs
- Open Infrastructure Security Engineer Jobs
- Open Chief Information Security Officer Jobs
- Open Senior Information Security Analyst Jobs
- Open IAM Engineer Jobs
- Open Software Security Engineer Jobs
- Open Senior Information Security Engineer Jobs
- Open Sr. Software Engineer - Detection Engineering Jobs
- Open Senior Incident Response Analyst Jobs
- Open DevOps Security Engineer Jobs
- Open Staff Engineer, Cloud Security Jobs
- Open Privacy Manager Jobs
- Open Threat Intelligence Analyst Jobs
- Open Manager, Cybersecurity and Trust Jobs
- Open Cybersecurity Analyst Jobs
- Open NIST-related jobs
- Open Clearance-related jobs
- Open PCI-related jobs
- Open CEH-related jobs
- Open Open Source-related jobs
- Open Forensics-related jobs
- Open IDS-related jobs
- Open Splunk-related jobs
- Open Machine Learning-related jobs
- Open Ruby-related jobs
- Open Intrusion detection-related jobs
- Open OSCP-related jobs
- Open Security assessments-related jobs
- Open IPS-related jobs
- Open Encryption-related jobs
- Open Threat detection-related jobs
- Open Docker-related jobs
- Open HIPAA-related jobs
- Open Cryptography-related jobs
- Open TCP/IP-related jobs
- Open DevSecOps-related jobs
- Open PowerShell-related jobs
- Open Unix-related jobs
- Open DNS-related jobs