Security Engineer

Security Engineer

AboutWeb is seeking a Security Engineer to join the Security Operations Team on a contract with a federal government client with an important mission.

Responsibilities:

  • Extract data from various sources and compile in multiple formats, such as MS Excel, for client presentation.
  • Generate and maintain varying dashboards, reports and profiles to track the overall health and status of enterprise and each client’s Information Security profile against Information Security Operations standards.
  • Operate and manage network-centric and application-centric security tools such as Tenable Security Center and IBM AppScan Enterprise to provide real-time insight into the security posture of the organization’s environment,
  • Effectively communicate remediation requirements and techniques based on results of vulnerability scans.
  • Evaluate the impact of security issues with respect to the organization’s mission and prioritize remediation efforts based on risk.
  • Respond to frequent data requests by researching solutions, extracting data from reporting tools and developing a format usable by program offices and leadership.
  • Ensure validity by investigating all data obtained.  Research outliers and initiate corrective action to address the issue.  Continue follow-up and escalation until resolved
  • Create, automate, and optimize appropriate reports and dashboards in multiple Continuous Diagnostics and Mitigation (formerly Continuous Monitoring) tools to highlight areas for improvement.
  • Facilitating communication between the Information Security Program, client information system security officers (ISSOs), and system owners to address security issues and resolve vulnerabilities in a timely manner.

Qualifications / Requirements:

  • Bachelors's Degree and a minimum 5 years of experience, 3 in an IT/ Information Security environment.
  • MUST HAVE FEDRAMP EXPERIENCE
  • Cloud Architecture Experience.
  • Exceptionally self-motivated, directed, and detail-oriented.
  • Ability to work very independently with minimum direction.
  • Must be able to learn, understand and apply new technologies.
  • Excellent organizational, analytical and problem-solving abilities.
  • Proficiency with Microsoft Office Suite.   
  • Excellent interpersonal, writing, and communication skills, both verbal and written
  • Ability to work with senior managers, supervisors and peers from client organizations
  • Excellent organizational and self-directing skills – ability to initiate, coordinate and prioritize responsibilities and follow through on tasks and projects, an ability to perform multiple tasks within a short deadline
  • Proven ability to work effectively in a team environment as well as independently with minimal supervision
  • Solid understanding of risk management, including an understanding of the process and activities required in vulnerability identification, reporting, and remediation. 
  • Ability to understand the significance of the client's organizational culture and support organizational standards

 

 

 

Preferred qualifications:

  • Holds an IT Certification
  • General knowledge of IT environments, information security, privacy, and threat and vulnerability management.
  • Experience with running information security tools, as well as an ability to effectively communicate remediation requirements and techniques based on the results.
  • Knowledge of the Federal Information Security Management Act (FISMA)
  • Knowledge of National Institute of Standards and Technology (NIST) 800-53 (guidelines on security controls for federal information systems)
Bethesda
MD