Skip navigation
Unable to save this job. Please try again later.

{msg}

Email this Job to Yourself or a Friend

To begin the application process, please enter your email address.

Company Contact Info

  • Silver Spring, MD
  • Paulina Willingham

Already have an account?

Sign in to apply with your saved resumes.

New to CareerBuilder?

Don't have an account? Continue as a guest!

Sorry, we cannot save or unsave this job right now.

Report this Job

Trust and Site Security Team.

Email Send Failed!

Information Technology Security Engineer

Mindbank • Silver Spring, MD

Posted 18 days ago

Job Snapshot

Full-Time
Travel - None
Experience - At least 6 year(s)
$110,000.00 - $120,000.00 /Year
$70.00 HOURLY 1099 OR C2C
Securities
Information Technology
0

Applicant

How Do You Compare to the Competition?

Get facts about other applicants with a CareerBuilder Account

Job Description

Mindbank has an immediate need for an Information Technology Security Engineer with a Public Trust clearance or higher

US Citizens and those authorized to work in the US are encouraged to apply.  We are unable to sponsor visas at this time

 
Experience:  Six or more years in information technology security
 
Certification:  CISSP certification and preferred one or more CISM, CISA, SANS GIAC, Cisco CSSP, CEH, RedHat, Microsoft or Cloud security certification.
 
Location is in Silver Spring, MD
 
Responsibilities:
The IT Security Engineer will assistance to the an Information Technology Security Program (ITSP) and the Senior Security Officer to assess and advise on overall NOS IT risk, policy interpretation, and has oversight of all independent assessments, A&A and continuous monitoring compliance actions.  Will operate at a senior level and provide enterprise level services and consultation requiring various levels of support.

The IT Security Engineer will be tasked to undertake projects and assignments to assist in managing the program and meeting those identified needs. Assigned tasks may include:

  •      Serve as a primary or backup to the Senior Security Officer and represent at change control board, committees, working groups or other activities for providing cyber security consultation.
  •      Assist Information System Security Officers (ISSO) and operational teams in securing and documenting their FISMA systems.
  •      Assist the ISSOs to apply and mitigate system risks and vulnerabilities.
  •      Assist the ISSOs to apply NIST Special Publications 800 series, NIST Federal Information Processing Standards (FIPS), Department of Commerce and client and NOS policies, procedures and guidance, and industry best practices to enhance the security of their systems.
  •      Perform reviews of Cloud Service Provides (CSP) that have received either a FedRAMP issued Provisional Authorization to Operate (ATO) or FedRAMP approved Agency issued ATOs. Document the risks to the agency for using the CSP services and report findings to Senior Security Officer and Chief Information Officer.
  •      Provide oversight and management of IT Security Data Calls and develop and/or maintain ITSP process and procedures for managing data calls.
  •      Monitor and report on annual client IT Security Awareness Course requirement.
  •      Provide support in scanning systems for known vulnerabilities using scanners such as Nessus and Appscan and assessing their vulnerabilities and component configurations against their secure baselines.  Hands-on vulnerability and compliance scanning not required by previous experience a plus.
  •      Provide assessment and authorization expert support on IT security policy including but not limited to NIST SP 800 series, NIST FIPS, Department of Commerce and client policies and industry best practices.
  •      Provide oversight and coordination with between incident response, programs and chief information officer.
  •      Proficiency in verbal and written communications.
  •      Proficiency in interpersonal skills.
  •      Proficiency in handling multiple tasks concurrently.

 

 

Job Requirements

Experience:

  •      Minimum 6 years of experience with operating one or more vulnerability scanning tools for network operating systems, applications and databases.
  •      Minimum 6 years of experience conducting one or more of the following: NIST SP 800- 53 security controls assessments, systems auditing, systems testing.
  •      Minimum 3 years of experience with demonstrated ability to develop and write security controls and processes.
  •      Minimum 6 years of experience with operating IT forensics investigation tools currently deployed in the NOS environment.
  •      Minimum 4 years of experience with IT security incidents management and oversight following Computer Incident Response Team (CIRT) policy and procedures, preferably those for NOAA. Specifically, ensuring CIRT requests are address by the ISSO assigned to the security incident and performing communication and coordination activities between CIRT, Security Operations Center and Program Offices.
  •      Minimum 3 year of operational experience with systems or network administration.   


QUALIFIED CANDIDATES PLEASE SEND YOUR RESUME TO:

[Click Here to Email Your Resumé]

Mindbank Consulting is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, gender identity, age, sexual orientation, status as a protected veteran, among other things, or status as a qualified individual with a disability.

 

Job ID: 214656
Help us improve CareerBuilder by providing feedback about this job: Report this Job.
CAREERBUILDER TIP
For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.
By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.