Information System Security Engineer - Clearance Required
Fort Belvoir, VA, United States
Logistics Management Institute
With a legacy of solving the government’s most complex challenges and an outcome-driven model to execute above expectation, LMI transforms missions with solutions that define the new speed of possible.Overview
The Information System Security Engineer will identify and help to eliminate vulnerabilities and risk factors in information systems; stay up to date on the latest innovation in cybersecurity; study trends in cyber around threat actors' behaviors, tactics, and goals; and analyze collected data to find potential anomalies in the security environment. The Engineer will also evaluate the security impact of system changes to user roles and provisioning.
Remote position, but needs to be within driving distance of Fort Belvoir, VA for accessing SIPRNet (10-20% of time).
Responsibilities
- Work with Security Information and Event Management (SEIM) software and vulnerability management
- Work with EAMS-A and understand how user role provisioning will be impacted by ICAM.
- Understand Zero Trust concepts and be able to articulate changes needed to comply with Army direction.
- Review weekly Assured Compliance Assessment Solution (ACAS) scans and Army Endpoint Security Services (AESS) reports to identify vulnerabilities, misconfigurations, and insecure security practices
- Review AWS security tools (AWS Security Hub, Guard Duty, Cloud Watch, Cloud Trail, Config) to identify any vulnerabilities or misconfigurations.
- Work with the vendor implementation team to fix the vulnerability and/or develop the appropriate plan of action and milestone (POA&M) if the vulnerability cannot be fixed right away
- Manage the POA&M process for the information system, ensuring it meets Army Network Command (NETCOM) thorough requirements, are tracked and completed on time, and reported properly to leadership
- Ensure information system vulnerability status is being properly reported to PEO EIS, as well as external information systems – Continuous Monitoring and Risk Scoring (CMRS) and Cyber Operational Attribute Management System (COAMS)
- Track and review NETCOM Cyber Task Orders (CTO), determining if there is a required action of the information system. Work with the vendor implementation team to ensure the CTO is completed on time
- Provide detailed analysis of vulnerabilities to leadership to understand how an adversary could exposure the vulnerability to compromise the system
- If a security incident occurs, investigate AWS Cloud Trail logs to determine what was done to the system, who committed the actions, how pervasive the attack is (e.g. did they gain a further foothold in the system), and how to limit exposure
Qualifications
Required
- Bachelor’s Degree
- 10-15 years’ experience with DoD Cyber security management and POA&M development
- Experience with AWS cloud services
- DoD Secret Security Clearance
- DoD IAT Level II Certification (CCNA-Security, CySA+, GICSP, GSEC, Security+, CND, or SSCP)
Desired
- Master’s degree
- Experience with cArmy
- AWS certifications
- EAMS-A
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: ACAS AWS Clearance Clearance Required Cloud CND Compliance DoD Endpoint security GICSP GSEC Monitoring POA&M Security Clearance SSCP Vulnerabilities Vulnerability management Zero Trust
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs