Input Technology Solutions is seeking an
Information Assurance Engineer for a great client in Aberdeen Proving Ground, Maryland.
Basic Qualifications: An individual must meet the following criteria to be considered:
- U.S. Citizen
- Active Secret Clearance
- Pass a background investigation
- Education: Master's degree preferred (degree can be substituted for relevant technical experience)
- Ten (10) or more years of relevant experience in network, host, data, and/or application security in multiple operating system environments.
- Possess DoD 8570-compliant security certifications to meet IAT/IAM II or III requirements (Security +, CISSP, CCNA, etc.)
General Required Skills: - Demonstrated experience and familiarity with DoD and Army Cybersecurity Policies and Regulations and Risk Management Framework (RMF) Assessment and Authorization (A&A) process, including the provisions of ICD 503, the planning and execution of Security Test and Evaluation (STE), and Cybersecurity Test and Evaluation (CTE) events
- Advanced experience with SELinux, Linux, and Windows server systems
- Understanding of networking fundamentals and network protocols, like TCP/IP, SSH, SFTP, HTTP, and SCP
- Experience with RMF, ICD 503, CNSSI 1253, and NIST Special Publications
- Experience with the DoD Security Technical Implementation Guides (STIGS), Security
- Requirements Guides (SRG), and industry best practices for various applications
- Experience with Assured Compliance Assessment Solution (ACAS) and Host-Based Security Suite (HBSS) applications
- Knowledge of computer networking concepts and protocols, and network security methodologies.
- Knowledge of cyber threats and vulnerabilities.
- Knowledge of cybersecurity principles.
- Knowledge of national and international laws, regulations, policies, and ethics related to cybersecurity.
- Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
- Knowledge of specific operational impacts of cybersecurity lapses.
Key Job Functions: - Participate in the research, analysis, design, testing, and implementation of complex computer network security/protection technologies for company information and network systems/applications.
- Assist customers in identifying security solutions for the company's networks and virtual private networks, application systems, public key infrastructures, authentication, and directory services to ensure the security of the network and confidential data.
- Perform periodic vulnerability scans of networks to identify security vulnerabilities, provide remediation alternatives, and conduct security risk assessments to ensure compliance with corporate security policies and best practices.
- Design enterprise and systems security throughout the development lifecycle; translate technology and environmental conditions (e.g., law and regulation) into security designs and processes.
- Provide subject matter expertise and analysis to bridge the gap between high-level security requirements and policies and ensure their integration into information technology component products and information systems through purposeful security design or configuration.
- Provide security consultation/guidance and engineering to PM product owners, customers, system owners, and developers, and maintain security process coordination within the Department's lifecycle management and governance process.
- Hands-on experience designing secured systems architecture deployed to DoD on-premise and Cloud secured architectures, hands-on securing Development/Test/Deployment environments, hands-on System Security Engineering, and assisting Information Systems Security Manager/Officer (ISSM/ISSO) Services throughout the system Assessment and Authorization processes.
- Perform operational support and development for system environments and provide product recommendations for security technologies.
- Willing to travel as needed.