SENIOR IT SECURITY ENGINEER

Job Description

Serve as a Cybersecurity Subject Matter Expert (SME) supporting agency personnel with FPCS assessments.

• Provide cybersecurity support and documentation to obtain favorable assessments and for continuous monitoring of systems throughout their lifecycle.
• Fully versed in the general tenets supporting the overall implementation of its authorization process, to include supporting cybersecurity policy, procedures and processes.
• Support cybersecurity process by serving as a SME for the FPCS undergoing authorization.
• Design, develop, implement cybersecurity into the system and deliver cybersecurity assessment documentation and other related documentation.
• Possess an understanding of how the security controls identified in the NIST 800-53 apply to the process of assessing and authorizing FPCS.
• Determine the applicable severity value for an identified vulnerability (e.g., non-compliant security control), and determine the possible ramifications on the system’s current or future authorization.
• Perform key functions related to security control selection, implementing controls, documenting controls, and closely collaborate with personnel on complex system details. This includes monitoring and controlling communications at key internal boundaries among subsystems and providing system-wide common controls that meet or exceed the requirements of the constituent subsystems inheriting those system-wide common controls.
• Development, integration, and testing to deliver and deploy production-ready systems that meets business requirements and project schedule.
• Work closely with product management to translate business requirements into technical solutions, architecture design, level of effort and project schedule.
• Design architecture and establish best practices that produce efficient and elegant system operations while reducing refactoring and rework.
• Provide support with the STIGs process and develops and submit cybersecurity documentation
• Responsible for the implementation, including meeting all required STIG compliance; keeping the FPCS systems / applications in compliance with required STIGs; and supporting reviews associated with STIGs, cyber assessments, and continuous monitoring activities.

Qualifications

Additional Information

Only qualified candidates will be contacted.  Be sure to keep an eye on your spam or junk folders in case our emails end up in there!  Please, no phone calls directly to our business, CEO, hiring managers, or recruiters. Due to the high volume of applicants, we typically receive for our career openings, we are not able to do phone interviews until later stages of the hiring process.

Toomey Technologies is an equal opportunity employer.