AboutWeb is seeking a Security Engineer to join the Security Operations Team on a contract with a federal government client with an important mission.
- Extract data from various sources and compile in multiple formats, such as MS Excel, for client presentation.
- Generate and maintain varying dashboards, reports and profiles to track the overall health and status of enterprise and each client’s Information Security profile against Information Security Operations standards.
- Operate and manage network-centric and application-centric security tools such as Tenable Security Center and IBM AppScan Enterprise to provide real-time insight into the security posture of the organization’s environment,
- Effectively communicate remediation requirements and techniques based on results of vulnerability scans.
- Evaluate the impact of security issues with respect to the organization’s mission and prioritize remediation efforts based on risk.
- Respond to frequent data requests by researching solutions, extracting data from reporting tools and developing a format usable by program offices and leadership.
- Ensure validity by investigating all data obtained. Research outliers and initiate corrective action to address the issue. Continue follow-up and escalation until resolved
- Create, automate, and optimize appropriate reports and dashboards in multiple Continuous Diagnostics and Mitigation (formerly Continuous Monitoring) tools to highlight areas for improvement.
- Facilitating communication between the Information Security Program, client information system security officers (ISSOs), and system owners to address security issues and resolve vulnerabilities in a timely manner.
Qualifications / Requirements:
- Bachelors's Degree and a minimum 5 years of experience, 3 in an IT/ Information Security environment.
- MUST HAVE FEDRAMP EXPERIENCE
- Cloud Architecture Experience.
- Exceptionally self-motivated, directed, and detail-oriented.
- Ability to work very independently with minimum direction.
- Must be able to learn, understand and apply new technologies.
- Excellent organizational, analytical and problem-solving abilities.
- Proficiency with Microsoft Office Suite.
- Excellent interpersonal, writing, and communication skills, both verbal and written
- Ability to work with senior managers, supervisors and peers from client organizations
- Excellent organizational and self-directing skills – ability to initiate, coordinate and prioritize responsibilities and follow through on tasks and projects, an ability to perform multiple tasks within a short deadline
- Proven ability to work effectively in a team environment as well as independently with minimal supervision
- Solid understanding of risk management, including an understanding of the process and activities required in vulnerability identification, reporting, and remediation.
- Ability to understand the significance of the client's organizational culture and support organizational standards
- Holds an IT Certification
- General knowledge of IT environments, information security, privacy, and threat and vulnerability management.
- Experience with running information security tools, as well as an ability to effectively communicate remediation requirements and techniques based on the results.
- Knowledge of the Federal Information Security Management Act (FISMA)
- Knowledge of National Institute of Standards and Technology (NIST) 800-53 (guidelines on security controls for federal information systems)