Cyber Security Engineer - TS Clearance

Windward IT Solutions Ashburn , VA 20147

Posted 3 weeks ago

Windward Consulting is at the forefront of Service-Centric IT. With strategic consulting, unparalleled technical expertise and our proven Windward Service-Centric IT Roadmap, we help our clients align the core competencies of process, organization, information and technology to run the most sensitive and mission-critical IT environments in the world.

Our consultants solve our clients' most challenging problems, uncovering answers to questions they didn't even know. Only apply if you have a thirst to learn new technologies and thrive in a fast paced environment. We Work with the US Government as well as Fortune 500 clients, and our employees are not only passionate and driven, but strive to ensure customer quality is delivered consistently and effectively.

If you are looking for an opportunity to be involved with a team of individuals who are working within one of our cutting edge clients solving complex technical challenges then we are looking for you. We are looking for people who are passionate about technology and have a "roll up their sleeves mentality". Here at Windward we offer numerous opportunities to expand your experience in various areas depending upon your aptitude and interests. Our employees are not only passionate and driven, but strive to ensure customer quality is delivered consistently and effectively.

As a result of our continued success, we are seeking a Cyber Security Engineer to join an agile software development team. Specifically, the Cyber Security Engineer's role will be to primarily help guide the agile software development team get custom developed software through the Assessment and Authorization (A&A) process and obtain ATO.

Job duties:

  • Lead security authorization processes and procedures

  • Recommend security best practices and system configuration standards

  • Advise the team on security architecture best practices

  • Write System Security Plans and other documentation required to obtain ATO (Authority to Operate)

  • Develop, implement, and evaluate security Concept of Operations (CONOPS) and System Security Plans (SSP) to satisfy Assessment and Authorization (A&A) requirements in accordance with NIST 800-53, FISMA, Risk Management Framework (RMF) and other government guidelines, as required

  • Perform scans, review the results, and write necessary reports and plans.

  • Conduct periodic reviews to ensure compliance with established policies and procedures

  • Maintain a broad knowledge of technology, equipment and/or systems to include the DevSecOps tools available in AWS GovCloud

Required Qualifications/Certifications:

  • Experience with the A&A process and documentation

  • Excellent written and verbal communication skills

Desired Skills/Certifications:

  • Excellent understanding of common computing platforms such as RedHat Linux Server, and databases

  • DevSecOps experience in AWS environment

  • Atlassian tools Confluence, JIRA

Education and Experience:

  • BA/BS and a minimum of 5 years of cyber related experience

Security Clearance:

  • Active/current Top Secret clearance is required

Work Location:

  • Fairfax, VA

Windward Consulting strives to attract and retain the best individuals and provide an environment where they can all grow professionally and build a rewarding career. We continually strive to create an environment that balances work life and offers benefits that will enhance the compensation package. We offer Medical, Dental, Vision, Flexible Spending Accounts, Short Term Disability, Long Term Disability, Life Insurance and AD&D, as well as the option to purchase additional Life Insurance and AD&D, Paid Time Off, Personal Leave, Holidays, 401(k) plan with company match and work/life balance.

Windward Consulting is proud to be an Equal Opportunity Employer. Applicants are considered for all positions without regard to race, color, religion, sex, national origin, age, disability, sexual orientation, ancestry, marital or veteran status.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Enterprise Cyber Security Manager (Dhs Experience Required)

Caci International Inc.

Posted Yesterday

VIEW JOBS 4/23/2019 12:00:00 AM 2019-07-22T00:00 Enterprise Cyber Security Manager (DHS Experience Required) Req #: 220351 Location: Ashburn, VA US Job Category: Information Technology Security Clearance: Secret Clearance Status: Must be Obtainable Job Description Responsibilities: Serves as a Cybersecurity project manager, with lead responsibility for the Information Assurance and Security of application, database, and enterprise network services. Responsible for activities associated with delivery of Cybersecurity policy implementation and network solutions associated with customer-defined systems and software projects; basic responsibilities include: * Maintain an Enterprise Cybersecurity Program strategy * Apply information security in accordance with Department of Homeland Security (DHS) and NIST security policies including, but not limited to DHS 4300A, NIST SP 800-30, NIST 800-37, NIST 800-53a, NIST SP 800-61, NIST 800-171, and other applicable DHS and DHS Component cybersecurity policies and practices * Assess entire DHS System Engineering Life Cycle (SELC) requirements and network security impacts * Guide Cybersecurity team on documenting cybersecurity requirements and manage all tasks of the cyber teams to include cyber threats, threat/risk briefs, risk assessments, ATO recommendations, technical reviews, control reviews, policy creation, IA Directives management, etc. * Support creation of, and ensure approval for, DHS Risk Management Framework (RMF) Assess and Authorize (A&A) Process for development and sustainment projects * Support program and customer management, and government Authorizing Official (AO) for all information security status, policies, and procedures * Document DHS RMF Security Implementation Plan artifacts. Coordinate and assist development team with application artifact documentation * Assist government personnel in preparing and presenting system continuous accreditation packages as outlined in DHS 4300A AO and analyze US-CERT, DHS, and current threat environment; * Enhance – Implement Cybersecurity vulnerability/A&A hardening testing * Optimize – Cybersecurity development environment certification * Architect & Engineer security – develop security goals, capabilities, controls, and architecture * Design & Implement security – vulnerability management, build security into development * Integrate & Test Security – test patches and settings, document A&A artifacts * Validate & Verify security – validate patch status and software control status * Implement security – apply patches and security settings, performance incident handling and remediation * Maintain security posture – audit security settings, track security training, monitor threats, track reaccreditation * Enable assurance for information security during all phases of agile software development and deployment * Continuously evaluate and recommend innovative proven best business practices and tools to enhance defense-in-depth * Identify, assess, and recommend zero-day cyber threat remediation * Address Cybersecurity issues to help maintain Continuity of Operations Plan (COOP) * Assist engineers with implementing and maintaining Common Access Card (CAC) and Public Key Infrastructure (PKI) functions into existing and future application development to ensure confidentiality, integrity, and availability to mission support * Manage subordinates with performing information security vulnerability testing and mitigate any nonconformance * Create and manage Plan of Action & Milestones (POA&M) * Implement and validate Security Technical Implementation Guide (STIG) requirements for all development and implementation projects * Understand and assist developers with static code analysis processes Required Skills: * Must be a U.S. Citizen, with or eligible for a Government security clearance * College degree in Information Assurance, Computer Science, Information Management Systems or a related discipline * Certifications: 8570.01-M, IAT Level III: CISCO CCNP Security; (ISC)2's CISSP; ISACA CISA, GIAC Certified Incident Handler (GCIH), GIAC Certified Enterprise Defender (GCED); and/or CompTIA Advanced Security Practitioner (CASP) * Demonstrated knowledge of DHS security policies including, but not limited to, DHS 4300A, NIST SP 800-30, NIST 800-37, NIST 800-53a, NIST SP 800-61, NIST 800-171, and other applicable DHS and DHS Component cybersecurity policies and practices * Demonstrated knowledge of DHS RMF accreditation implementation * Minimum of five years of experience leading and directing technical teams in support of DoD/DHS Security Management and Security Engineering policy guidance and directives to both hardware and software-centric environments * Minimum of five years of experience overseeing a cybersecurity program of a similar size, scope and complexity to include vulnerability assessments, IAVA reporting, and IA problem resolution including applying security principles and best practices in J2EE, Microsoft, .NET, Linux, COTS (SAP) and Oracle environments * Demonstrated experience with static code analysis using tools like Microfocus Fortify Software Security Center or similar source code analysis capability * Demonstrated experience with Vulnerability Scanner technologies * Demonstrated familiarity and experience with Firewalls, Intrusion Prevention Systems, WebGateways, and/or enterprise Antivirus software technologies * Demonstrated experience using CSET * Experience with continuous integration tools and environments * Ability to identify and manage risk * Working knowledge of and ability to assist others in the use of information security provisioning and monitoring tools to support process improvement * Understanding of all elements of the DHS Cybersecurity policies and requirement * Highly responsible, team-oriented individual with very strong communication skills and work ethic; self-starter * Ability to organize and lead large, professional teams Desired Skills: * Experience working with microservices cross functional teams to quickly deliver incremental functionalities with security included at each phase of development * Experience with managing cybersecurity for a virtualized on-premise infrastructure * Experience performing migrations to military virtualized and/or cloud environments * Experience FEDRAMP cloud provider certifications * Experience performing cloud migrations * Experience with Cloud Service Provider Cybersecurity implementation, practices. And Service Level Agreement (SLA) negotiations * Demonstrated knowledge and experience with ISO 27000 information security management principles * Ability to apply advanced principles, theories, and concepts, and contribute to the development of innovative IA principles and ideas * Experience working on unusually complicated problems and providing solutions that are highly creative and ingenious, exhibiting ingenuity, creativity, and resourcefulness * Experience with scripting languages such as Perl, VBScript, Ruby, etc. * Experience with Computer Network Defense (CND) processes, procedures, and tools Job Location US-Ashburn-VA-VIRGINIA SUBURBAN CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities. Caci International Inc. Ashburn VA

Cyber Security Engineer - TS Clearance

Windward IT Solutions