Sr IT Security Engineer
Posting ID: JP-002660895
We are seeking a Sr Information Technology Security Compliance Engineer who will assist the client’s Information Systems Security Officer (ISSO).
- This position does offer 2-3 days remote work
- Understanding security engineering and architectures of information systems, the application of knowledge to the network environment, and Continuous Monitoring requirements.
- Understanding software, hardware, and public-facing requirements of client’s information systems on premise and in the cloud.
- Analyzing security systems and continuously seek improvements.
- Developing best practices and security standards for the network environment.
- Assisting in the tracking and remediation activities of systems, networks, applications, and source code vulnerabilities by reviewing scan reports and working with the relevant parties to remediate the vulnerabilities.
- Assisting to develop non-compliance waivers regarding business justifications, compensating controls, and residual risks.
- Driving the implementation of security projects that require compliance with relevant government policies or standards.
- Supporting security engineering regulatory compliance efforts for IT programs.
- Assisting client in coordination, implementation, communication, and enforcement of the IT security policies.
- Advising on the development and design of methodologies to conduct business case analyses of the information security infrastructure.
- Providing guidance, assistance, and coordination to systems developers, systems administrators, and other specialists to ensure the proper and timely implementation of information systems security standards and vulnerability remediation for both systems under development and deployed in production systems.
- Understanding and participating in incident response on-call rotation as well as communicate with Incident Response Team via meetings, emails, and conferences to promptly validate and address compliance findings.
- Responding to systems and network security incidents, e.g., system compromise, loss of confidentiality, authentication problems, etc.
- Implementing new processes to optimize security system to support the client organization.
Security, Compliance, Information security, Tenable, Nessus, SDLC, software development life cycle, Windows, Unix, vulnerability, risk assessment, scans, cloud, AWS, Security center, Splunk
Top Skills Details:
- This is an operational security position, not policy focused (FISMA/FedRAMP)
- Security, Compliance, Information security, Tenable, Tessus, SDLC, software development life cycle, Windows, Unix, vulnerability ,risk assessment, scans
Additional Skills & Qualifications:
- Bachelor’s degree in related technical field and 10+ years of related experience is required. Related experience includes 5 years of Unix/Windows system administration and 5 years of IT security experience. Additional experience can be substituted for a degree.
- Strong understanding of Windows, Linux, and Active Directory.
- Expert knowledge of IT security vulnerabilities and risk assessments with the ability to explain the risks associated with them to executives, program, and technology staff.
- Ability to run scans (Nessus) and validate remediation.
- Experience with major components and architecture of Tenable such as SecurityCenter, Nessus Manager, scanners, agents, and Tenable.io.
- Experience with Secure Information Systems processes in the cloud, such as AWS.
- Working experience in applying FISMA, and FedRAMP processes and policies to information systems.
- Ability to work with program staff, executives, and technology staff to achieve IT security goals and objectives.
- Understanding of the Secure Software Development Life Cycle and Splunk.
- Excellent oral communication, writing, problem-solving skills, and attention to detail.
- CISSP certification is required (or must obtain within 6 months of start).
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
Recruiter: Jean Chambers
Phone: (410) 579-3072