Information Assurance/Security Engineer IV with Security Clearance
Responsibilities As an Information Security Engineer, you will work hands on to assess and harden the mission systems to meet DISA compliance.
You will work with the team to develop automated STIGing capabilities utilizing a combination of PowerShell, automated checklist scanning tools, and DevSecOps build pipelines enabling the organization to improve our overall security baseline while reducing the manual checks required.
This work includes but is not limited to:
Perform automated and manual STIG scans Develop and remediate POAMs Provides technical and programmatic Information Assurance Services to internal and external customers in support of network and information security systems.
Design, develop and implement security requirements within an organization's business processes.
Prepare documentation from information obtained from customer using accepted guidelines such as RMF (Risk Management Framework).
Provide assessment and authorization (A&A) support in the development of security and contingency plans and conducts complex risk and vulnerability assessments.
Analyze policies and procedures against Federal laws and regulations and provides recommendations for closing gaps.
Develop and complete system security plans and contingency plans.
Recommend system enhancements to improve security deficiencies.
Secure system configurations and install security tools, scan systems in order to determine compliancy and report results and evaluates products and various aspects of system administration.
Conduct security program audits and develops solutions to lessen identified risks.
Develops strategie to comply with privacy, risk management, and e-authentication requirements.
Provide information assurance support for the development and implementation of security architectures to meet new and evolving security requirements.
Evaluate, developsand enhances security requirements, policy and tools.
Provide assistance in computer incident investigations.
Perform vulnerability assessments including development of risk mitigation strategies.
Other duties as assignedQualifications BS 8-10, MS 6-8, PhD 3-5.
In lieu of education, candidate must have 12
years of relevant experience.
Active TS/SCI clearance IAT level II certification or higher (https:
//public.
cyber.
mil/cw/cwmp/dod-approved-8570-baseline-certifications/) />Desired Experiences:
STIGing multiple technologies (Windows, AD, VMware, RHEL, CISCO, DNS, Palo Alto, etc.
) STIGing tools (SCAP Compliance Checker, STIGViewer, Evaluate-STIG, Vulnerator) ACAS/NESSUS McAfee ePO and Army Enterprise System Security (AESS) eMASS Fortify Source Code Analysis and application security Risk Management Framework (Categorization, Controls, Implementation, Assessment, Authorization, Continuous Monitoring) PowerShell or other scripting languages AWS cloud securityPeraton Overview Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy.
As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure.
Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets.
Every day, our employees do the can't be done, solving the most daunting challenges facing our customers.
Target Salary Range $86,000 - $138,000.
This represents the typical salary range for this position based on experience and other factors.
EEO An Equal Opportunity Employer including Disability/Veteran.
Recommended Skills Application Security Auditing Business Processes Cisco Dns Fortify (Software) Estimated Salary: $20 to $28 per hour based on qualifications.
You will work with the team to develop automated STIGing capabilities utilizing a combination of PowerShell, automated checklist scanning tools, and DevSecOps build pipelines enabling the organization to improve our overall security baseline while reducing the manual checks required.
This work includes but is not limited to:
Perform automated and manual STIG scans Develop and remediate POAMs Provides technical and programmatic Information Assurance Services to internal and external customers in support of network and information security systems.
Design, develop and implement security requirements within an organization's business processes.
Prepare documentation from information obtained from customer using accepted guidelines such as RMF (Risk Management Framework).
Provide assessment and authorization (A&A) support in the development of security and contingency plans and conducts complex risk and vulnerability assessments.
Analyze policies and procedures against Federal laws and regulations and provides recommendations for closing gaps.
Develop and complete system security plans and contingency plans.
Recommend system enhancements to improve security deficiencies.
Secure system configurations and install security tools, scan systems in order to determine compliancy and report results and evaluates products and various aspects of system administration.
Conduct security program audits and develops solutions to lessen identified risks.
Develops strategie to comply with privacy, risk management, and e-authentication requirements.
Provide information assurance support for the development and implementation of security architectures to meet new and evolving security requirements.
Evaluate, developsand enhances security requirements, policy and tools.
Provide assistance in computer incident investigations.
Perform vulnerability assessments including development of risk mitigation strategies.
Other duties as assignedQualifications BS 8-10, MS 6-8, PhD 3-5.
In lieu of education, candidate must have 12
years of relevant experience.
Active TS/SCI clearance IAT level II certification or higher (https:
//public.
cyber.
mil/cw/cwmp/dod-approved-8570-baseline-certifications/) />Desired Experiences:
STIGing multiple technologies (Windows, AD, VMware, RHEL, CISCO, DNS, Palo Alto, etc.
) STIGing tools (SCAP Compliance Checker, STIGViewer, Evaluate-STIG, Vulnerator) ACAS/NESSUS McAfee ePO and Army Enterprise System Security (AESS) eMASS Fortify Source Code Analysis and application security Risk Management Framework (Categorization, Controls, Implementation, Assessment, Authorization, Continuous Monitoring) PowerShell or other scripting languages AWS cloud securityPeraton Overview Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy.
As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure.
Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets.
Every day, our employees do the can't be done, solving the most daunting challenges facing our customers.
Target Salary Range $86,000 - $138,000.
This represents the typical salary range for this position based on experience and other factors.
EEO An Equal Opportunity Employer including Disability/Veteran.
Recommended Skills Application Security Auditing Business Processes Cisco Dns Fortify (Software) Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
