Information System Security Engineer Junior Active TSSCI Required

Job Description

Jr Information System Security Engineer supports the technical security assessments of computing environments to identify points of vulnerability, non-compliance with established cybersecurity standards and regulations and recommends mitigation strategies. Maintains understanding of current DoD cybersecurity policy, procedures, and requirements. Supports implementation and maintenance of software and hardware solutions that enable compliance with cybersecurity requirements. Supports the development of documentation as well as the customer and third-party evaluators in support of system accreditation.

Skills, Experience, Qualifications, If you have the right match for this opportunity, then make sure to apply today.

Duties may include :

• Perform security analysis to determine gap, compensating / mitigating controls, and residual risk
• Identify security risks through the security impact analysis, system risk assessments and technology security risk reports
• Employ scripting tools such as python, shell, PowerShell, ansible, and terraform to automate auditing and hardening actions
• Troubleshoot and remediate issues arising from cybersecurity components (IDS / IPS, firewall, log aggregation, etc.) in a heavily Linux environment
• Apply knowledge of security principles, policy, and regulations related to NIST 800-53
• Conduct security compliance evaluations on IT products to create secure configuration guidelines and baselines based on DISA STIG / SRGs and organizational standards
• Perform security evaluations using tools such as Tenable Nessus, Nmap, Wireshark, Metasploit, and container vulnerability scanners
• Develop secure configuration guidelines and perform security compliant evaluations on various IT product types : Operating Systems, Network Devices, Databases, Cloud Applications, etc.
• Organize, develop, and present security briefings, written summaries, and written reports incorporating narrative, tabular and / or graphic elements on security assessments, whitepapers relating to computer and network security technologies and tools
• Effectively and efficiently communicate and collaborate with external and internal customers of any hardware and software configuration changes that adversely affect any current system security and their configurations or violates policy
• Implement the Cyber Security requirements of IT systems and applications documenting them in formal security engineering documents using Risk Management Framework and supporting artifacts associated with risk assessments
• Implement IT security solutions and assures successful implementation

Education, Experience, Certifications :

Security Clearance :

J-18808-Ljbffr