Twinn is seeking a Cyber Security InfoSec Engineer to join their Team.
Required Skills
TS/SCI w Poly
Demonstrated experience as an Information System Security Engineer or Information Systems Security Manager.
Demonstrated experience with Risk Management Framework (RMF)
Demonstrated experience analyzing security scans.
Demonstrated experience reviewing RMF controls
Demonstrated experience evaluating plans of action and milestones (POAMs) and determining if POAM body of evidence is acceptable.
Demonstrated experience with security scanning tools providing malicious code detection or intrusion detection.
Demonstrated experience interpreting the output from security tools such as Burp, HP WebInspect, AppDetective, Rapid 7, or Nessus for compliance and vulnerability concerns. .
Demonstrated experience with XACTA or XACTA 360.
Demonstrated experience developing and engineering information systems architectures.
Demonstrated experience developing and implementing security for information systems.
Demonstrated experience with information systems project integration.
REQUIRED Certification: Certified Information Systems Security Professional (CISSP) Certification or equivalent level III certification. (list certification name and year obtained).
Optional Skills
Demonstrated experience with Sponsor’s A&A process, to include writing or reviewing required documentation.
Demonstrated experience with manual auditing procedures associated with Amazon Web Services (AWS).
Demonstrated experience performing network and firewall administration.
Demonstrated experience performing patching and misconfiguration checks.
Demonstrated experience with Confluence.
Demonstrated experience mapping Active Directory and Public Key Infrastructure (PKI) group and membership accesses.
Demonstrated experience in Lean Agile and DevOps Factory environments.
Demonstrated experience setting up auditing services on Linux, Windows.
Demonstrated experience monitoring privileged user actions and activities.
Demonstrated experience with Splunk to aggregate the data collected in the auditing process.
Demonstrated experience with system engineering and system development.
Desired Certification: Certified in Risk and Information Security Controls (CRISC).
Desired Certification: Completion of the Sponsor’s system administrator security course.