logo

View all jobs

Cyber Security Project Engineer - (Active) TS/SCI w Poly

Reston, Va · Information Technology
***** All positions require a Active (TS/SCI) Clearance with a Polygraph to be considered *****
 
 Cyber Security Project Engineer should have experience in:
  • Provide analysis of vulnerability results and suggesting mitigation plans for security problems.
  • Use and evaluate vulnerability tools such as, Nessus, AppDetective and WebInspect.
  • Use and evaluate incident response tools such as, HP Fortify and McAfee ePO.
  • Use and evaluate auditing tools such as Splunk.
  • Understand cloud based infrastructure as a service technologies (Amazon Web Services experience preferred).
  • Assist in the evaluation and analysis of AWS cloud services and tools from a security risk perspective.
  • Assist in providing security guidance for internal Sponsor documentation.
  • Provide analysis of vulnerabilities identified by compliance tools.
  • Conduct TEM’s to verify and validate systems against NIST, RMF Sponsor internal security regulations.
  • Assist in researching, evaluating, and developing relevant Information Security policies and guidance.
  • Actively participate in or lead technical exchange meetings and application review boards, documenting actions items/results of these events.
  • Brief management, as needed, on the status of the system and/or risk mitigation activities.
  • Assess/calculate risk based on threats, vulnerabilities, and shortfalls uncovered in testing and provide recommendations for risk decisions to Sponsor.
  • Identify mitigating countermeasures to identified threats, vulnerabilities, and shortfalls.
  • Provide enhancement capabilities and SOPs to assessment operations for execution and implementation.
***** All positions require a Active (TS/SCI) Clearance with a Polygraph to be considered *****
 
The Cyber Security Project Engineer shall have the following required skills and demonstrated experience:
 
  • Demonstrated experience in understanding, applying, and testing IT systems against NIST 800-53/A and (DISA) Industry Standards.
  • Demonstrated experience with cyber security policies and guidance, and research, evaluation, and development of relevant security policies and guidance.
  • Demonstrated experience providing analysis of vulnerability results and suggesting mitigation plans for security problems.
  • Demonstrated experience using Nessus, AppDetective and WebInspect.
  • Demonstrated experience using HP Fortify, McAfee ePO and other incident response tools.
  • Demonstrated experience using auditing tools such as Splunk.
  • Demonstrated experience using Linux, Windows, Wireless and Virtual Platforms.
  • Demonstrated experience with cloud based infrastructure as a service technologies (Amazon Web Services experience preferred).
  • Demonstrated experience securing and providing risk mitigations for systems and applications in the AWS cloud environment.
 
Other demonstrated experiences which are highly desired, though not required, include:
 
  • Experience and knowledge of the Microsoft Cloud (Azure).
  • System configuration, development and design, specifically around enterprise systems.
  • Experience with written and oral communication skills in responding to email, telephone and/or in person inquiries from organizational personnel.
 ***** All positions require a Active (TS/SCI) Clearance with a Polygraph to be considered *****

At least one of the following certifications is highly desired:
ISACA Certified Information Systems Auditor (CISA);
Certified Authorization Professional (CAP);
ISC
Certified Cloud Security Professional (CCSP);
Certified Information Systems Security Professional (CISSP);
ISACA
Certified Information Security Manager (CISM)
PMI Project Management Professional (PMP) certification;
Relevant hands-on technical certification (e.g., Microsoft MCSE); ITIL Foundation certification;
Oracle Database Introduction to SQL;
Certificate of Cloud Security Knowledge (CCSK).
Powered by