Job Title: Security Engineering Specialist
Responsibilities:
- Research, organize, write, edit, train, and produce technical data, guidelines, templates, and policies to support Security Engineering in Windows and Unix environments.
- Conduct information security risk assessments for platforms and applications submitted through the Change Management process.
- Guide users in integrating baseline security requirements for IT systems and advise on alternative approaches.
- Propose remediation/mitigating controls and recommendations to minimize risk.
- Address security concerns in proposed software and hardware projects to ensure security considerations are integrated from the outset.
- Lead security team engagements to develop written Standard Operating Procedures, focusing on improving Information Assurance processes, methodologies, and communication.
- Support iterative review of security assessment results and collaborate with stakeholders to enhance Risk Management and internal controls.
- Apply CIS Benchmarks and DISA STIGs to provide system hardening guidance.
- Maintain a Master Library of Security Benchmarks for reference on baseline security requirements, compliance, and continuous monitoring.
- Provide status updates and follow-up on active Security Engineering tickets.
- Align with and support the execution of the Cybersecurity Information Assurance organization's vision and strategy.
- Develop security guidance, policies, and procedures.
Qualifications:
- 8+ years of experience in IT System and Application review, information assurance, or cybersecurity, with 3+ years of experience in system or risk assessments following NIST 800-53 / Risk Management Framework (RMF) guidelines.
- Must obtain and maintain one industry standard security certification: CompTIA Security+, CISSP, CEH, or DoD equivalent.
- Bachelor’s degree or equivalent work experience in a related field.
- Excellent verbal and written communication skills with the ability to build strong relationships at all levels.
- Strong problem-solving and analytical capabilities.
- Solid understanding of computer systems and network security in compliance with government and industry regulations.
- Ability to independently analyze IT product data, identify security threat sources, and provide recommendations to Government leadership.
- Ability to obtain and maintain a Public Trust clearance.
- Proficiency in editing Microsoft Word documents and Excel spreadsheets, including creating templates, automating table of contents, sorting data, running functions, and creating pivot tables and charts.
Job Type: Full-time
Pay: $120,000.00 - $150,000.00 per year
Benefits:
- 401(k)
- 401(k) matching
- Dental insurance
- Health insurance
- Paid time off
Schedule:
- 8 hour shift
- Day shift
- Monday to Friday
Education:
- Bachelor's (Preferred)
Experience:
- IT: 8 years (Preferred)
Work Location: Remote