Information System Security Engineer - Clearance Required

Fort Belvoir, VA, United States

Applications have closed

Logistics Management Institute

With a legacy of solving the government’s most complex challenges and an outcome-driven model to execute above expectation, LMI transforms missions with solutions that define the new speed of possible.

Overview

The Information System Security Engineer will identify and help to eliminate vulnerabilities and risk factors in information systems; stay up to date on the latest innovations in cybersecurity; study trends in threat actors' behaviors, tactics, and goals; and analyze collected data to find potential anomalies in the security environment. The Engineer will also evaluate the security impact of system changes to user roles and provisioning.

 

Remote position, but needs to be within driving distance of Fort Belvoir, VA for accessing SIPRNet (10-20% of time).

Responsibilities

  • Work with Security Information and Event Management (SIEM) software and vulnerability management
  • Work with EAMS-A and understand how user role provisioning will be impacted by ICAM.
  • Understand Zero Trust concepts and be able to articulate changes needed to comply with Army direction.
  • Review weekly Assured Compliance Assessment Solution (ACAS) scans and Army Endpoint Security Services (AESS) reports to identify vulnerabilities, misconfigurations, and insecure security practices
  • Review AWS security tools (AWS Security Hub, GuardDuty, CloudWatch, CloudTrail, Config) to identify any vulnerabilities or misconfigurations.
  • Work with the vendor implementation team to fix the vulnerability and/or develop the appropriate plan of action and milestone (POA&M) if the vulnerability cannot be fixed right away
  • Manage the POA&M process for the information system, ensuring that POA&Ms meet Army Network Command (NETCOM)'s thorough requirements, are tracked and completed on time, and are reported properly to leadership
  • Ensure information system vulnerability status is being properly reported to PEO EIS, as well as external information systems – Continuous Monitoring and Risk Scoring (CMRS) and Cyber Operational Attribute Management System (COAMS)
  • Track and review NETCOM Cyber Task Orders (CTO), determining whether any action is required for the information system. Work with the vendor implementation team to ensure the CTO is completed on time
  • Provide detailed analysis of vulnerabilities to leadership so they understand how an adversary could exploit the vulnerability to compromise the system
  • If a security incident occurs, investigate AWS CloudTrail logs to determine what was done to the system, who committed the actions, how pervasive the attack is (e.g. did they gain a further foothold in the system), and how to limit exposure

Qualifications

Required

  • Bachelor’s Degree  
  • 10-15 years’ experience with DoD Cyber security management and POA&M development
  • Experience with AWS cloud services
  • DoD Secret Security Clearance
  • DoD IAT Level II Certification (CCNA-Security, CySA+, GICSP, GSEC, Security+, CND, or SSCP)

Desired

  • Master’s degree  
  • Experience with cArmy
  • AWS certifications
  • EAMS-A


Region: North America
Country: United States