The LADA program is seeking an information security engineer is to lead the Security team. The information security engineer will work in a hybrid environment consisting of on-premise and AWS environments. The information security engineer will help ensure that the new development features and operational enhancements are secure per the Customer regulations.
The Information Security Engineer will target, assess, exploit, and report risks and vulnerabilities of information systems to provide senior decision makers with actionable data. Information Security Engineers are responsible for IT security/vulnerability assessments and managing overall network security using network and security-related hardware and software.Primary Responsibilities
- Identify and define applicable security controls and responses for the project.
- Review responses, enter responses into the cyber risk management platform, and update risks.
- Identify common controls and draft common control language for the cyber risk management platform.
- Perform security maintenance duties, such as performing analyses of vulnerabilities and providing recommended resolutions.
- Maintain awareness of system level changes, ensure proper patch levels, and upload cyclic scans to the appropriate repositories.
- Achieve and maintain system accreditation, including providing guidance, plans, and evidence and maintaining documentation.
- Perform regular reviews, such as audits, and review security test results.
- Participate in or lead technical exchange meetings and application review boards and document action items and results.
- Brief management on status
- Requires BS degree .
- Must have a TS/SCI with poly to be considered
- Prior experience with programs of similar size and complexity.
- Demonstrated work experience in cyber security or related IT field.
- Demonstrated experience performing complex technical tasks with minimal direction.
- Demonstrated experience designing, testing, or implementing IT security architecture.
- Demonstrated experience performing network security analysis.
- Demonstrated experience developing risk management methodologies.
- Demonstrated experience analyzing test results to develop risk/threat mitigation plans.
- Demonstrated experience communicating vulnerability results and risk posture to senior executives
- Certified Information Systems Security Professional (CISSP)
- Experience with the Sponsor’s enterprise scanning tools, reporting and RMF tools
- PMP, Agile Scrum experience, AWS certification
Leading Path is an award-winning Information Technology and Management Consulting firm focused on providing solutions in process, technology, and operations to our government and Fortune 500 clients. We offer a professional work environment with a strong work-life balance and a family friendly culture, and we hold lots of team events! Leading Path provides a comprehensive and competitive benefits package, 401K, tuition reimbursement and opportunities for professional growth and advancement.
- Agile Methodology
- Certified Information Systems Security Professional
- Certified Project Management Professional