Information System Security Engineer (Junior) | Active TS/SCI Required

Job Description

Job Description

Jr Information System Security Engineer  supports the technical security assessments of computing environments to identify points of vulnerability, non-compliance with established cybersecurity standards and regulations and recommends mitigation strategies. Maintains understanding of current DoD cybersecurity policy, procedures, and requirements. Supports implementation and maintenance of software and hardware solutions that enable compliance with cybersecurity requirements. Supports the development of documentation as well as the customer and third-party evaluators in support of system accreditation.

Duties may include :

• Perform security analysis to determine gap, compensating / mitigating controls, and residual risk
• Identify security risks through the security impact analysis, system risk assessments and technology security risk reports
• Employ scripting tools such as python, shell, PowerShell, ansible, and terraform to automate auditing and hardening actions
• Experience with virtual machines and containerization a plus
• Troubleshoot and remediate issues arising from cybersecurity components  (IDS / IPS, firewall, log aggregation, etc.) in a heavily Linux environment
• Experience with RHEL and basic networking is a plus
• Apply knowledge of security principles, policy, and regulations related to NIST 800-53
• Conduct security compliance evaluations on IT products to create secure configuration guidelines and baselines based on DISA STIG / SRGs and organizational standards
• Perform security evaluations using tools such as Tenable Nessus, Nmap, Wireshark, Metasploit, and container vulnerability scanners
• Develop secure configuration guidelines and perform security compliant evaluations on various IT product types : Operating Systems, Network Devices, Databases, Cloud Applications, etc
• Organize, develop, and present security briefings, written summaries, and written reports incorporating narrative, tabular and / or graphic elements on security assessments, whitepapers relating to computer and network security technologies and tools
• Effectively and efficiently communicate and collaborate with external and internal customers of any hardware and software configuration changes that adversely affect any current system security and their configurations or violates policy
• Implement the Cyber Security requirements of IT systems and applications documenting them in formal security engineering documents using Risk Management Framework and supporting artifacts associated with risk assessments
• Experience with eMASS is a plus
• Implement IT security solutions and assures successful implementation
• Experience with CI / CD is a plus

Education, Experience, Certifications

Security Clearance :

Active TS / SCI and the willingness to sit for a polygraph, if needed

Company Description

Since 1998, ResourceOne and its Recruiters have been leaders in the recruiting industry. Recruiting coast-to-coast, we offer personalized services to our clients to help find them their next Great Hire by delivering superior candidates like you! We focus on your needs and present real job openings to you that our clients are hiring for that are often times not advertised anywhere else. We keep your interest confidential and work hard to meet your needs for your next career step.

Company Description

Since 1998, ResourceOne and its Recruiters have been leaders in the recruiting industry. Recruiting coast-to-coast, we offer personalized services to our clients to help find them their next Great Hire by delivering superior candidates like you! We focus on your needs and present real job openings to you that our clients are hiring for that are often times not advertised anywhere else. We keep your interest confidential and work hard to meet your needs for your next career step.