Security Engineering And Compliance Manager

ECS is seeking a Security Engineering and Compliance Manager to work hybrid in our Fairfax, VA office. Please Note: This position is contingent upon contract award.

Job Description:

ECS is seeking talented professionals who love a challenge to join us in building the next-generation Continuous Diagnostics and Mitigation (CDM) Cyber data solution. The CDM Program is the Cybersecurity and Infrastructure Security Agency's (CISA) dynamic approach to strengthening the cybersecurity of Federal networks and systems through better awareness and visibility into their security posture and cyber threats. ECS is responsible for designing, building, deploying, operating, and maintaining a complete 'Data Services' solution which includes the collection, normalization, visualization, and sharing of cyber data from more than 100 Federal agencies. The CDM Data Services product is a cloud-hosted solution comprised of multiple Commercial Off the Shelf (COTS), software configuration packages, and custom code which work together to operate as an integrated solution tailored to meet DHS requirements.

We are seeking professionals who thrive in a dynamic, fast-paced, and highly collaborative environment where problem-solving, critical thinking, and a holistic approach to serving the mission are key. Our program operates within the Scaled Agile Framework (SAFe). An aptitude and enthusiasm for continuous learning, improvement, and cyber security is a must!

ECS is seeking a talented, dynamic, and enthusiastic Security Engineering and Compliance Manager. The successful candidate will apply their knowledge to scrutinize the security architecture, implementation, deployment, and operations of the CDM Data Services solution. This individual will provide technical expertise and management skills to maintain and achieve a DHS Authority to Operate (ATO) of the solution.

Required Skills:

• US citizenship and ability to acquire Public Trust Suitability.

• 5+ years of Security Engineering experience.

• Bachelor's degree or equivalent additional experience.

• In depth understanding of general information security concepts and principles, system architectures and development, network protocols, etc.

• In depth experience with supporting system Authority to Operate (ATO) processes and creating artifacts, control implementation details, Risk Management Framework (RMF), and POAMs.

• Ability to analyze vulnerability assessment data to identify technical risks to the organization.

• Experience with architecture, engineering, and services of Amazon Web Services (AWS) to include but not limited to experience creating CI/CD pipelines for solutions delivery using AWS services, AWS well-architected framework best practices, container orchestration platform experience (ex: AWS EKS), and automating the creation of Infrastructure as a Service (IaaS) infrastructures such as CloudFormation, AWS Service Catalog, and GitLab.

• Experience with supporting the ELK (Elasticseach, Kibana, Logstash) Stack in non-production and production environments.

• Experience supervising and leading others, preferably a team of 10+ security engineers and analysts.

Desired Skills:

• Security testing of IT products.

• Knowledge of information security (e.g. authentication, access control, network security).

• Experience with configuration and maintenance of IT Service Management (ITSM) tools such as Atlassian Jira in a production environment supporting Event Management, Incident Management, Problem Management, and Change Management.

• Experience implementing and executing work using the Scaled Agile Framework (SAFe).

• Experience with implementation of DevSecOps best practices to best support vulnerability and weakness reduction management.

• Experience with a SIEM tool such as Splunk desirable (i.e. creating queries, dashboards).

• Experience with Splunk and Tenable Security Tools for Auditing and Vulnerability Management.

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, sex, age, sexual orientation, gender identity or expression, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, status as a crime victim, disability, protected veteran status, or any other characteristic protected by law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.