Position Summary
Versar, Inc., is seeking a Senior Security Engineer (Compliance) to support the Department of Homeland Security's Enterprise Engineering Division (EED) within the Office of the Chief Information Officer (OCIO). This candidate will be a member of a high functioning team supporting cybersecurity countermeasures to strengthen DHS enterprise and HQ networks, overseeing and providing strategic and tactical direction with security compliance. This candidate will work directly with a team of network and security engineers, data center specialists, ISSOs, industry vendors, and DHS stakeholder groups that include 20+ DHS Components.
This effort is responsible for providing support for the following Homeland Security Enterprise Network (HSEN) services along with Security Engineering Compliance:
- Design and development of cybersecurity technology along with integration of new architectural features into existing infrastructures while maintaining the integrity and security of enterprise-wide cyber systems and networks.
- Responsibility for DHS Security ATO and RMF compliance support ensuring systems are documented, security control implementation/documentation, self-inspection (STIG/vulnerability/compliance) auditing, and issue remediation.
- Strong working relationship with ISSOs and technical teams to ensure NIST Compliance and RMF ATO Security Authorization.
Additional Duties / Responsibilities
- Provide DHS Security Authorization Support
- Assist and support the SOC Security Authorization Process following National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 including, but not limited to, the following elements:
- Security Plan
- Security Risk Assessment
- Security Controls Assessment
- Continuity of Operations Plan (COOP)
- Development of POA&Ms
- Provide assistance and support to the SOC System ISSO, to document and maintain the SOC Security Authorization documentation in the Information Assurance Compliance System (IACS), conduct NIST SP 800-53A assessments, and track NOSC Cyber (SOC) POA&Ms.
- Develop and document a comprehensive COOP which ensures that the Contractor maintains appropriate NOSC Cyber infrastructure backups, and documents priorities and procedures for re-instantiating critical functions in the event of a failure.
- Test the DHS NOSC Cyber COOP capabilities in conjunction with internal test procedures and the DHS Information Technology Disaster Recovery Plan.
- Provide support to Government management by establishing POA&Ms and processes for tracking the correction of internal self-assessment and external audit findings relating to security authorization of NOSC operations and activities.
Minimum Qualifications / Requirements
- At least six (6) years of professional experience in an IT Services environment, providing technical support with emphasis on security compliance for federal networks.
- Prior experience with NIST FIPS Standards, Contingency Plans, Network Infrastructures, Security Impact Analysis, Privacy Impact security Assessments & Analyses, Standard Operating Procedures.
- U.S. Federal government consulting experience preferred.
- Must be resourceful in learning a very complex and dynamically changing network.
- Must be able to work independently in a fast-paced, dynamic environment.
- Past experience within the Department of Homeland Security or other government agency is preferred.
- U.S. citizenship required and eligibility for a DHS EoD is required to be considered for this position.
Education
- BS degree in Information Systems, Computer Engineering, Computer Science, or Cyber Security, or equivalent experience.
Certifications Desired
- Security Certifications: CISSP, CCSP, CISM, GSLC, CISA, CASP, or equivalent.
Software/Hardware Desired
- IBM AppScan, HP WebInspect, Nexpose, Splunk, Nessus, HP Fortify, McAfee SECURE, McAfee Virus Scan, Enterprise, ArcSight Sourcefire, Nagios, Saint, Solarwinds, Remedy, Primavera, Xacta, CSAM.