ECS is seeking a Security Engineer to work in our Washington, DC office.
ECS is looking for a security engineer to support a non-profit customer in the Washington, DC area a develop a secure cloud-based system. We are seeking a qualified candidate to provide cloud security architecture expertise and provided guidance in the implementation of system-specific security controls and security overlays necessary to ensure the resilience of system's security posture.
- Must be a US Citizen
- BS Degree
- Must be able to obtain a Public Trust Clearance
- 4 or more years providing ongoing monitoring to identify threats and monitors the network for any security breaches; configuring scanning tools, performs regular vulnerability scanning and oversees remediation activities; performing maintenance of security documentation; ensuring compliance to all applicable standards and supports the ATO security process; Provides incident response support and remediation; creating incident tickets to cover all activity needed to address an incident and maintain an internal chronology of steps taken to remediate the incident.
- Responsible for monitoring security events to identify threats and discovery responses.
- Reviewing results of system scans to identify remediation actions.
- In the event a threat is identified, taking action to stop or mitigate the threat and develop a plan for remediation to prevent this from occurring in the future.
- Must be proficient with desktop programs such as Adobe Acrobat, MS Excel, MS Word, MS Visio
- Must possess a high attention to detail
- Strong oral and written communication skills
- Strong interpersonal communication skills
- Candidates should have a strong working knowledge of standards-based integration architectures in Cloud environments, using standard tools such as Enterprise Service Bus (ESB), as well as:
- Developing cogent compliant system security plans and security policies and procedures
- Implementing and designing security countermeasures to ensure systems are capable of responding in the event of a security breach
- Coordinating security rules and internal access authorization with operations leadership and management
- Ensuring system implement tight access controls by enforcing principles of least privilege and separation of duties
- Experience working with AWS/Cloud Architect and customer's security team to ensure they understand existing architecture, accreditation boundary, interconnection, common controls, and develop solutions to improve overall network architectural design and improve system security posture
- Experience implementing, maintaining, and operating security monitoring tools and infrastructure; and designing, implementing, and maintaining security infrastructure, including management of commercial security products
- Defining data protection and governance standards
- Experience and KSAs with the following regulations, standards, and best practices, such as:
- Federal Risk and Authorization Management Program (FedRAMP)
- System and Organization Controls (SOC) 2
- Federal Information Security Management Act (FISMA)
- Federal Information Processing Standard (FIPS) 140-2, 199, and 200
- Federal Bureau of Investigation (FBI) Criminal Justice Information Services (CJIS)
- National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 Security and Privacy Controls for Federal Information Systems and Organizations
- NIST Cyber Security Framework (CSF)
- 800-171 Protecting CUI in Non-Federal Systems and Organizations
- NIST SP 800-18 Guide for Developing System Security Plans
- NIST SP 800-70 National Checklist Program for IT Products
- NIST SP 800-161 Supply Chain Risk Management
- Office of Management and Budget (OMB) relevant directives
- Homeland Security Presidential Directive 12 (HSPD-12)
- Gramm-Leach-Bliley Act (GLBA)
- FBI Criminal Justice Information Services (CJIS) Security Policy ver. 5.8 or later
ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.
ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3000+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.
This job has expired.