Security and Compliance Engineer

United States

Sev1Tech

WE ARE SEV1TECH Serving critical missions for the United States at home and abroad Sev1Tech is a leading provider of IT modernization, cloud, cybersecurity, engineering, fielding, training, and program support services for U.S. government...


Overview / Job Responsibilities

Sev1Tech is looking for a Cybersecurity Engineer to assist our clients with Risk Management Framework (RMF), ATO, and Cybersecurity Maturity Model Certification (CMMC) compliance and implementation.

  • Taking a consultative approach, assist clients in defining and implementing cybersecurity policies and procedures
  • Work closely with client System Administrators on the identification of vulnerabilities on all customer server assets, including Windows, Unix, and Network devices
  • Assist admins with hardening of systems to comply with DISA Security Technical Implementation Guides (STIGs)
  • Ensure DISA STIG compliance, interpretation, and analysis of results as well as remediation
  • Assist with Authority to Operate (ATO) support, evaluating NIST controls in both FISMA Moderate and High environments
  • Perform system maintenance on security-related tools; evaluate, test, and integrate upgrades
  • Scan, patch, remediate, provide mitigation strategies, and document security vulnerabilities in operating systems and applications
  • Assist in defining and writing security policies to support FedRAMP, FISMA, Federal Compliance, NIST Compliance, HIPAA Compliance, ISO Standards, and SOX Compliance
  • Assist and lead security audits
  • Generate bi-weekly vulnerability reports to send out to customers
  • Assist in the operation and maintenance of an enterprise level Security Information and Event Management (SIEM)
  • Follow security policies and create/maintain existing information system security documentation
  • Assist in the development, design, and coding of new systems or components, and troubleshoot & debug problems occurring within existing platforms and resolve issues using enterprise level tools
  • Assist with the evaluation of threats and impact as identified by the government and/or security tools
  • Other duties as assigned

 

Minimum Qualifications

  • Bachelor’s Degree in Cybersecurity, Computer Science, Systems Engineering, Information Technology or related field, or equivalent experience, with 5-7 years of relevant work experience
  • Experience working with Federal Government contracts
  • Prior Security Consulting experience
  • Experience leading Cybersecurity/Information Security audits
  • Must have a thorough understanding of cyber threats, information security, and monitoring & detection using the latest monitoring tools.
  • Minimum of 4 years’ experience working with security technologies including exposure to AWS/Azure cloud environments
  • Cloud Security Experience - Amazon, cloud security tools
  • Experience with authoring and maintaining security authorization documentation specific to FISMA and FedRAMP related controls at up to the “High” impact level
  • Background with Risk Management Framework (RMF), ICD 503, NIST 800-171, NIST SP800-53 and 53a or DCID 6/3; knowledge of current authorization practices; Background with DITSCAP/DIACAP may be substituted in some cases.
  • Strong experience with Microsoft 365 platform, including Outlook, SharePoint, and Microsoft Teams, etc.
  • Experience with enterprise-level security tools (SIEM and vulnerability scanning), specifically LogRhythm, Splunk, and Elasticsearch
  • Possess excellent oral and written communication skills and proven interpersonal skills
  • Demonstrated ability to multi-task; internally driven to meet organizational goals, often on short deadlines
  • Must be a self-starter passionate about expanding their IT capabilities
  • Multi-task in a team-oriented environment with the ability to manage concurrent objectives, take initiative and maintain client confidentiality with the ability to work independently

 

Clearance Level: Clearable 

Desired Qualifications

  • Vendor and Security certifications
  • Strong verbal and written communications skills, including creation of SOPs, maintenance plans, network drawings.
  • Strong analytical abilities
  • Must possess a strong client focus
  • Experience with AWS networking and security architectures

About Sev1Tech LLC

Founded in 2010, Sev1Tech provides IT, engineering, and program management solutions delivery. Sev1Tech focuses on providing program and IT support services to critical missions across Federal and Commercial Clients. Our Mission is to Build better companies.  Enable better government. Protect our nation. Build better humans across the country.

Join the Sev1Tech family where you can achieve great accomplishments while fostering a satisfying and rewarding career progression.  Please apply directly through the website at: https://www.sev1tech.com/careers/current-openings/#/    #joinSev1tech

For any additional questions or to submit any referrals, please contact: dorian.mcgarry@sev1tech

Sev1Tech is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.


Tags: Audits AWS Azure Business Intelligence Clearance Cloud CMMC Compliance Computer Science DIACAP DISA Elasticsearch FedRAMP FISMA HIPAA ICD 503 LogRhythm Monitoring NIST Risk management RMF SharePoint SIEM SOX Splunk STIGs UNIX Vulnerabilities Windows

Perks/benefits: Career development

Region: North America
Country: United States
