Information System Security Engineer

GovCIO is currently hiring for an Information System Security Engineer. This position will be located in Washington, DC. The Information System Security Engineer (ISSE/ISSO) position will function as an integral member of the GIS program team. Overall, the GIS team is responsible to provide assessment, planning, designing, development, deployment, training, and transition to operations activities related to maturing the USAID’s GIS infrastructure, capabilities, and service offerings utilized by USAID’s Bureaus and external partners.  In this role, the ISSE provides security management oversight to all GIS activities occurring within the program scope.  The role is expected to have interaction and coordination with the USAID IA group to ensure compliant, certified solutions are developed and implemented.  

Activities may include correlation of threat data from various sources to establish the identity and modus operandi of hackers active in client's networks and posing a potential threat. Provides the customer with assessments and reports facilitating situational awareness and understanding of current cyber threats and adversaries. Develops cyber threat profiles based on geographic region, country, group, or individual actors. Produces cyber threat assessments based on entity threat analysis. May provide computer forensic and intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments. Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption.

Examples of work activity:

• Manage Security Assessment and Authorization (SA&A) package: Create, draft, and maintain SA&A document
• Provide assessment support working toward an approved Authority to Operate (ATO)
• Comply with USAID, Government and industry Information Assurance (IA) standards, policies, guidelines, and best practices
• Responsible for Systems security, testing and system accreditation activities
• Apply information technology security principles and configure security settings, complete weekly system audit, apply security patches and conduct reviews
• Assist in the development and implementation of government approved information security procedures and plans for the operation of multiple networked and standalone classified computers, and coordinate government agency approvals.
• Consult on the design, development, integration, and analysis of classified computing systems with the project design and implementation staff
• Assist with self-inspection reviews
• Assist in conducting comprehensive investigation of security incidents
• Collaborates with intrusion analysts to identify, report on, and coordinate remediation of cyberthreats to the client.
• Provides timely and actionable sanitized intelligence to cyber incident response professionals.
• Leverages technical knowledge of computer systems and networks with cyber threat information to assess the client's security posture.
• Conducts intelligence analysis to assess intrusion signatures, tactics, techniques and procedures associated with preparation for and execution of cyber attacks.
• Researches hackers, hacker techniques, vulnerabilities, exploits, and provides detailed briefings and intelligence reports to leadership.

Required Skills and Experience

• Bachelor's with 8+ years (or commensurate experience)
• Minimum Certification Requirements: CISSP
• Must have a minimum of five (5+) years of experience with all phases of Information Assurance and accreditation processes, securing IT systems and services using Government and industry IA standards, policies, guidelines, and best practices.
• Demonstrated experience successfully managing information security risks to include completing the entire A&A process including receiving Authority to Operate (ATO) for the cloud.
• Experience supporting vulnerability scanning tools
• Experience performing Security Operations in environments with 10,000+ endpoints
• Working knowledge of network security
• 5+ years of experience producing IAT-Related documentation and governance materials
• 5+ years of experience conducting Assessment and Authorization (A&A) using Risk Management Framework (RMF) activities
• US Citizenship

Preferred Skills and Experience

• Understanding of federal ISSO process

• Zero Trust Architecture
• NextGen Firewalls, specifically Palo Alto
• Encryption and PKI
• Dynamic Access Control / Identity Management
• Azure AD
• Splunk (or other SIEMs including ELK and Google Chronicle)
• Cisco Network Security (including Cisco Tetration, Cisco ISE)
• AWS / Azure security function (e.g., Azure Security Center)
• Endpoint Device Health and Forensics

• 5-10 years of Identity and Network security design and implementation
• Understanding of Trusted Internet Connection version 3 standards and migration path
• 2-5 years of Cloud Access Security Broker (CASB) experience
• Other certifications preferred: CCSP, CISM, GSLC, CISA, CASP, or equivalent from issuing bodies: (ISC)², Comp TIA, ISACA, GIAC, CISCO, EC-Council, IAPP, or equivalent.

• Clearance Requirement: Active Secret Clearance

GovCIO is a team of transformers--people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens.
But we can't do it alone. We need great people to help us do great things - for our customers, our culture, and our ability to attract other great people. We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer?
We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran. EOE, including disability/vets.

Posted Pay Range

The posted pay range, if referenced, reflects the range expected for this position at the commencement of employment, however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, education, experience, and internal equity. The total compensation package for this position may also include other compensation elements, to be discussed during the hiring process. If hired, employee will be in an “at-will position” and the GovCIO reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, GovCIO or individual department/team performance, and market factors.