Information System Security Engineer

OverviewGovCIO is currently hiring for an Information System Security Engineer to support Information Assurance contract needs.

This position is located in the Washington DC Metro Area and will be a hybrid position, primarily working remote with a periodic need for an onsite presence.

The SPS IA team is responsible to provide assessment, planning, designing, development, deployment, training, and transition to operations activities related to maturing the USAID’s infrastructure, capabilities, and service offerings utilized by USAID’s Bureaus and external partners.

ResponsibilitiesThe Information System Security Engineer (ISSE / ISSO) position will function as an integral member of the IA program team.

Overall, the IA team is responsible to provide assessment, planning, designing, development, deployment, training, and transition to operations activities related to maturing the USAID’s infrastructure, capabilities, and service offerings utilized by USAID’s Bureaus and external partners.

In this role, the ISSE provides security management oversight to all IA activities occurring within the program scope. The role is expected to have interaction and coordination with other USAID IA groups to ensure compliant, certified solutions are developed and implemented.

Activities may include correlation of threat data from various sources to establish the identity and modus operandi of hackers active in client's networks and posing a potential threat.

Provides the customer with assessments and reports facilitating situational awareness and understanding of current cyber threats and adversaries.

Develops cyber threat profiles based on geographic region, country, group, or individual actors. Produces cyber threat assessments based on entity threat analysis.

May provide computer forensic and intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments.

Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption.

Examples of work activity : Manage Security Assessment and Authorization (SA&A) package : Create, draft, and maintain SA&A documentProvide assessment support working toward an approved Authority to Operate (ATO)Comply with USAID, Government and industry Information Assurance (IA) standards, policies, guidelines, and best practicesResponsible for Systems security, testing and system accreditation activitiesApply information technology security principles and configure security settings, complete weekly system audit, apply security patches and conduct reviewsAssist in the development and implementation of government approved information security procedures and plans for the operation of multiple networked and standalone classified computers, and coordinate government agency approvals.

Consult on the design, development, integration, and analysis of classified computing systems with the project design and implementation staffAssist with self-inspection reviewsAssist in conducting comprehensive investigation of security incidentsCollaborates with intrusion analysts to identify, report on, and coordinate remediation of cyberthreats to the client.

Provides timely and actionable sanitized intelligence to cyber incident response professionals.Leverages technical knowledge of computer systems and networks with cyber threat information to assess the client's security posture.

Conducts intelligence analysis to assess intrusion signatures, tactics, techniques and procedures associated with preparation for and execution of cyber attacks.

Researches hackers, hacker techniques, vulnerabilities, exploits, and provides detailed briefings and intelligence reports to leadership.

QualificationsRequired Skills and ExperienceBachelor's with 8+ years (or commensurate experience)Minimum Certification Requirements : CISSP, CISA, CEH, CISM or similar security certificationMust have a minimum of five (5+) years of experience with all phases of Information Assurance and accreditation processes, securing IT systems and services using Government and industry IA standards, policies, guidelines, and best practices.

Demonstrated experience successfully managing information security risks to include completing the entire A&A process including receiving Authority to Operate (ATO) for the cloud.

Experience supporting vulnerability scanning toolsExperience performing Security Operations in environments with 10,000+ endpointsWorking knowledge of network security5+ years of experience producing IAT-Related documentation and governance materials5+ years of experience conducting Assessment and Authorization (A&A) using Risk Management Framework (RMF) activitiesUS Citizenship is required to acquire a government clearanceClearance Required : Must be able to acquire and maintain a Secret clearance along with USAID suitabilityPreferred Skills and ExperienceUnderstanding of federal ISSO processZero Trust ArchitectureNextGen Firewalls, specifically Palo AltoEncryption and PKIDynamic Access Control / Identity ManagementAzure ADSplunk (or other SIEMs including ELK and Google Chronicle)Cisco Network Security (including Cisco Tetration, Cisco ISE)AWS / Azure security function (e.

g., Azure Security Center)Endpoint Device Health and Forensics5-10 years of Identity and Network security design and implementationUnderstanding of Trusted Internet Connection version 3 standards and migration path2-5 years of Cloud Access Security Broker (CASB) experienceOther certifications preferred : CCSP, CISM, GSLC, CISA, CASP, or equivalent from issuing bodies : (ISC)², Comp TIA, ISACA, GIAC, CISCO, EC-Council, IAPP, or equivalent.

Company OverviewGovCIO is a team of transformers people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens.

But we can't do it alone. We need great people to help us do great things - for our customers, our culture, and our ability to attract other great people.

We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer?

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran.

EOE, including disability / vets.Posted Pay RangeThe posted pay range, if referenced, reflects the range expected for this position at the commencement of employment, however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, education, experience, and internal equity.

The total compensation package for this position may also include other compensation elements, to be discussed during the hiring process.

If hired, employee will be in an at-will position and the GovCIO reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, GovCIO or individual department / team performance, and market factors.

Posted Salary RangeUSD $140,000.00 - USD $170,000.00 / Yr.Submit a referral to this job ()Location US-Washington DCID 2024-4921Category Cyber Security & IntelligencePosition Type Full-Time