INFORMATION ASSURANCE SECURITY ENGINEER WITH SECURITY CLEARANCE
Royce Geospatial Consultants Inc
Springfield VA 22150 US
Job Description Why Choose Royce Geo We're not your typical government contracting company, nor do we want to be. At Royce Geo, we live for building durable and long-lasting relationships with our clients, providing exceptional service with a CAN'T QUIT / WON'T QUIT attitude. We are creating a culture of winning, optimism, FUN, and caring for the person next to you. If you want to work in a real team environment and share the wealth and satisfaction of providing real value to your customer, then this company may be just for you. Royce Geo prides ourselves in our values-first approach. Our values of Accountability, Attitude, Communication, Innovation, and Leadership are integrated into how we approach problems, guide our interactions with others, and create the framework for our culture. We recognize and reward our team members that champion these attributes. We offer a competitive benefit package that is designed to attract and retain exceptional talent. We take care of our team members from multiple facets including health, financial, and well-being programs: * Robust health plan including medical, dental, and vision * Health Savings Account with company contribution * Annual Paid Time Off and Paid Holidays * Paid Parental Leave * 401k with generous company match * Training and Development Opportunities * Award Programs * Variety of Company Sponsored Events ***Requires an active TS/SCI Security Clearance**** Position Summary: We're seeking a Security Engineer to provide expert technical services on all aspects of Information Security. Responsible for writing information security policy drafts, writing and reviewing Memorandum of Agreements and coordinating and managing all aspects of the Certification and Accreditation. Advise and assess system design/architecture as well as defining, designing and evaluating information security systems. Manage multi-agency information sharing and integration security. Maintain affiliations with high-level personnel at multiple agencies and organizations involved in Information Security. Tasking includes incident response, system access approval, audit log review, Configuration Control Board and daily consultations/consulting on a wide variety of security issues. Report, document and investigate all security related incidents; assist with development and implementation of corrective measures. Responsibilities: * Candidate must have knowledge of and experience with ICD 503 and be familiar with Cloud Infrastructure/AWS-based solutions. * Candidate must possess IAM II certification to start in accordance with DOD 8570.1M. * Candidate will work with all IT groups to build IT systems with security planned from the start. Work with developers, system engineers, project managers, and users to identify the level of protection systems will need. Understand and be able to identify what group or process will satisfy security requirement.
* Act as the representative of the Information System Security Manager ensuring compliance with IS security procedures.
* Support efforts to operate, maintain, and dispose of information system materials in accordance with security directives, policies and practices and as annotated in Systems Security Plans.
* Generate and implementation of requisite security training ensuring user security awareness of responsibilities prior to system access.
* Initiate protective and corrective measures when incident or vulnerabilities are discovered.
* Ensure IA hardware and software complies with security configuration guides.
* Implement and enforce IA policies and procedures as defined by A&A documentation.
* Ensure users are aware of their IA responsibilities.
* The ability to work on multiple projects/tasks at once and operate in a dynamic, fast-paced, team-oriented environment.
* Perform Operations & Sustainment (O&S) functions for the NCE network security infrastructure (firewalls, web gateways, mail gateways, ids, load balancers, performance monitoring tools, mgt systems, etc)
* Perform maintenance and/or advanced configuration of equipment in order to protect the network from emerging cyber threats
* Experience with Cloud Infrastructure/AWS-based technology
* Experience using security tools such as ACAS, HBSS, Carbon Black, Tanium, RedSeal, and EMET
* Conduct forensic traffic/log analysis to isolate issues or respond to analyst alerts
* Respond to escalated troubleshooting requests
* Maintain and administer network infrastructure standards, documentation and fault tolerance
* Present Monitoring/Test Results and Reports as required
* Perform/support integration testing as required
* Participates in special projects as required.
* Ability to review Plan of Action and Milestones (POA&Ms) and conduct a technical decomposition categorization, remediation, and lien resolution
* Execute remediation process to implement technical solutions to address vulnerability findings via ACAS security scan.
* Experience installing, hardening, deploying, documenting, and troubleshooting network perimeter security technologies.
* Experience and scripting ability on Unix and/or RHEL OS
* Experienced with complex Microsoft macros, and PowerShell scripts
* Basic understanding of Windows Enterprise AD architecture and VMWare Virtualization
* Must be proficient in network routing/vlan technologyQualifications:
* Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.
* 10-15 years of related experience in data security administration
* ***Requires an active TS/SCI Security Clearance**** Desired Knowledge, Experience and Skills:
* CISSP certification or equivalent (CAP, GSLC, CISM)
* System administration experience
* Network engineering experience
* System design and development experience
* Defines, plans, designs, and evaluates information security systems. Assesses architecture and current hardware limitations, defines and designs system specifications, input/output processes and working parameters for hardware/software compatibility. Performs a variety of complex tasks associated with information security ranging from the design of security components to complex architectures. Supervise the work of other engineers performing a variety of information security tasks. About Royce Geo Established in 2015, Royce Geo has quickly evolved into a well-rounded, diverse, small business tackling some of the most complex issues for our Defense and Intelligence Community clients. We are an award-winning small business firm, providing vital support to our mission partners across four core areas: Geospatial Information Technology, Data Analytics, Intelligence, and Training. Our team members are highly skilled subject matter experts, who listen and partner with our clients to accomplish the mission. We own the problem and find the solution while upholding the highest standards-to exceed expectations. We take risks and challenge the status quo to deliver innovative and cutting-edge solutions. Our employee-centric company culture is everything. Even while we grow, our small company mentality continues to exist. We demand inspiration from our leadership, and accountability from all so that we can influence others through our actions. This is Royce Geo.
* Act as the representative of the Information System Security Manager ensuring compliance with IS security procedures.
* Support efforts to operate, maintain, and dispose of information system materials in accordance with security directives, policies and practices and as annotated in Systems Security Plans.
* Generate and implementation of requisite security training ensuring user security awareness of responsibilities prior to system access.
* Initiate protective and corrective measures when incident or vulnerabilities are discovered.
* Ensure IA hardware and software complies with security configuration guides.
* Implement and enforce IA policies and procedures as defined by A&A documentation.
* Ensure users are aware of their IA responsibilities.
* The ability to work on multiple projects/tasks at once and operate in a dynamic, fast-paced, team-oriented environment.
* Perform Operations & Sustainment (O&S) functions for the NCE network security infrastructure (firewalls, web gateways, mail gateways, ids, load balancers, performance monitoring tools, mgt systems, etc)
* Perform maintenance and/or advanced configuration of equipment in order to protect the network from emerging cyber threats
* Experience with Cloud Infrastructure/AWS-based technology
* Experience using security tools such as ACAS, HBSS, Carbon Black, Tanium, RedSeal, and EMET
* Conduct forensic traffic/log analysis to isolate issues or respond to analyst alerts
* Respond to escalated troubleshooting requests
* Maintain and administer network infrastructure standards, documentation and fault tolerance
* Present Monitoring/Test Results and Reports as required
* Perform/support integration testing as required
* Participates in special projects as required.
* Ability to review Plan of Action and Milestones (POA&Ms) and conduct a technical decomposition categorization, remediation, and lien resolution
* Execute remediation process to implement technical solutions to address vulnerability findings via ACAS security scan.
* Experience installing, hardening, deploying, documenting, and troubleshooting network perimeter security technologies.
* Experience and scripting ability on Unix and/or RHEL OS
* Experienced with complex Microsoft macros, and PowerShell scripts
* Basic understanding of Windows Enterprise AD architecture and VMWare Virtualization
* Must be proficient in network routing/vlan technologyQualifications:
* Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.
* 10-15 years of related experience in data security administration
* ***Requires an active TS/SCI Security Clearance**** Desired Knowledge, Experience and Skills:
* CISSP certification or equivalent (CAP, GSLC, CISM)
* System administration experience
* Network engineering experience
* System design and development experience
* Defines, plans, designs, and evaluates information security systems. Assesses architecture and current hardware limitations, defines and designs system specifications, input/output processes and working parameters for hardware/software compatibility. Performs a variety of complex tasks associated with information security ranging from the design of security components to complex architectures. Supervise the work of other engineers performing a variety of information security tasks. About Royce Geo Established in 2015, Royce Geo has quickly evolved into a well-rounded, diverse, small business tackling some of the most complex issues for our Defense and Intelligence Community clients. We are an award-winning small business firm, providing vital support to our mission partners across four core areas: Geospatial Information Technology, Data Analytics, Intelligence, and Training. Our team members are highly skilled subject matter experts, who listen and partner with our clients to accomplish the mission. We own the problem and find the solution while upholding the highest standards-to exceed expectations. We take risks and challenge the status quo to deliver innovative and cutting-edge solutions. Our employee-centric company culture is everything. Even while we grow, our small company mentality continues to exist. We demand inspiration from our leadership, and accountability from all so that we can influence others through our actions. This is Royce Geo.