Sr. Security Engineer

Security Clearance required:Able to obtain Public Trust

Do you want to make a difference?

Cognosante employees are passionate about improving people’s lives. With an innovative mindset and an unwavering commitment to those we serve, we partner with healthcare, civilian and defense agencies to deliver exceptional public services and programs. Our multi-faceted technology and customer experience (CX) solutions achieve program outcomes, solve critical challenges and create meaningful change. Whether we are helping Veterans access healthcare faster, ensuring that members of the military complete their missions safely, or helping people obtain health insurance, our work touches millions of people. Are you ready to make a difference?

Come Join Our Team

Cognosante is seeking to fill a Sr. Security Engineer position in support of VA (Veterans Affairs) Cloud Operations and Migration Services (COMS) capability to provide operational input and support for the operations, maintenance, and refinement of VA’s Enterprise Cloud (VAEC) environment, execution support for migrating new and legacy VA applications and services to cloud computing and continuous improvement of VA’s IT infrastructure.

What is the position? 

We are seeking a highly organized Sr. Security Engineer with the ability to develop a holistic view of large and highly regulated cloud environments and drive the analysis of findings and groom prescribed fixes into them. Must have in-depth working knowledge of AWS cloud environments (primarily), with knowledge of Azure being a great bonus. Must experience working with Controls, Narratives, and Restrictions. The candidate will be able to participate in baseline configuration management and be able to guide external tools to scan for the correct data. This role will be assigned to support of VA Cloud Operations and Migration Services (COMS) capability to provide operational input and support for the operations, maintenance, and refinement of VA’s Enterprise Cloud (VAEC) environment, and services to cloud computing and continuous improvement of VA’s IT infrastructure.

What will I get to do?

• Analyze the results of vulnerability scans, configuration checks, and security alerts to identify and understand weaknesses or deficiencies and determine remedial actions
• Validate the configuration of servers, workstations, network devices, and other equipment against government or industry security standards
• Analyze systems, data, and operating environments to determine appropriate safeguards, mitigation plans, and evaluate the effectiveness of implemented security controls
• Apply domain-specific security knowledge and subject matter expertise to ensure the successful execution of security management functions
• Create, update, and maintain technical and security documentation about systems, networks, and operating environments
• Possess ability to identify key concepts, factors and risks based on conversations and document these in clear and concise narrative or graphic reports
• Provide security expertise/perspective to support operational processes and procedures including configuration control, maintenance, continuity of operations, and incident response
• Risk Management
  • Support for internal and external compliance audits and assessments
  • Risk identification, assessment, response, tracking, and monitoring
  • Monitoring and management of findings and corresponding corrective actions
  • Development and reporting of security metrics
• Information Assurance
  • Support security assessment and authorization processes and activities, including developing or contributing to the development of security documentation and other artifacts
  • Monitor changes to applications, networks, infrastructure, and operating environments
  • Provide audit support for internal and external audits and reviews
• Technical Security
  • Operating, maintaining, and tuning security tools deployed in data centers housing mission critical data and systems ( i.e. Turbot and other CSP native security tools)
  • Detect, respond to, and forward critical security alerts related to compliance policy violations, new or emerging threat sources and vulnerabilities, and Advanced Persistent Threats (APTs)
  • Implementing and executing incident response procedures
  • Performing vulnerability and compliance scanning and assessments
  • Collecting and aggregating log and security event information
  • Reviewing and maintaining Standard Operating Procedures for intrusion detection and prevention, security information and event management, incident response, vulnerability assessment, and other applicable security activities and processes
• Application Administration
  • Patching, upgrading, and maintaining server operating system platforms
  • Performing web development (including scripting and/or programming) for audit and risk management application
  • Develop and maintain complex and ad hoc reports and dashboards for security and risk management information
  • Developing and delivering technical documentation and user guides

What qualifications do I need?

• A minimum of 8 years of relevant work experience
• Bachelor’s degree in Computer Science, Engineering, Math, Graduate of Technical School, or equivalent (8 years of additional relevant experience may be substituted for education)
• Understands the interpretation and implementation of NIST 800-53 controls
• Familiarity with DISA STIGS and CIS benchmarks
• Familiarity with scanning tools such as Nessus and BigFix
• Minimum of three (3) years of experience in leading technical teams to achieve objectives and outcomes:
  • Developing and implementing technical standards, systems and processes for cloud and on-prem environments.
  • Recommending technology strategies and decisions with a high-level of expertise and knowledge.
  • Providing technical direction and support to ensure compliance with standards and guidelines.
• Must have experience with implementing, migrating, managing, and operating systems/applications in an enterprise cloud computing environment.
• Scripting/Programming proficiency in Python, PowerShell or similar
• Minimum of six (6) years setting up, configuring, and using AWS or Azure cloud operational tools to ensure service level agreements and performance targets are met, and continued compliance with policies, standards and guidelines
• SysAdmin experience, ideally with multiple operating systems (Windows, RedHat, Linux and/or various flavors of Linux)
• One or more advanced security certifications (e.g., CISSP, CISM, GCPM, CSLC, etc.)
• Candidate background eligibility requirements are United States citizen or be a Permanent Resident and have lived in the United States for at least 3 years, clean criminal background and able to obtain a Public Trust (High-Risk) Position.

Candidates that do not meet the minimum qualifications will not be considered.

What additional characteristics will help me thrive?

• Familiarity with Turbot and other CSP native security tools
• AWS or Azure Security certifications
• Advanced or specialized security certification in disciplines such as penetration testing, incident handling, intrusion analysis, or computer forensic investigation
• ITIL certification
• Experience with VA’s configuration of IBM Rational Toolset for management, configuration and reporting of work products.
• Experience with Agiliance Risk Vision, Enterprise Mission Assurance Support Services (eMASS) or similar governance, risk, and compliance management tools
• Familiarity with the VA Handbook 6500 and subordinate publications
• Experience working in a ITIL, ISO 20000, or ISO 27000 environment
• Active clearance for Public Trust (High-Risk) Position
• Expert-level knowledge of federal security laws, regulations, and standards, including but not limited to FISMA, HIPAA, NIST CyberSecurity Framework, FIPS Publications, and Special Publications
• Familiarity with all phases of the NIST Risk Management Framework and the achievement and maintenance of authorization to operate (ATO) for federal information systems
• Prior experience performing or overseeing continuous monitoring/continuous diagnostics and mitigation activities

What We Offer  

Our mission is to provide comprehensive and competitive pay, benefits, services, and programs to eligible employees and their dependents that:  

• Ensure optimal health and productivity of our employees   

• Support employee retention and attraction  

• Provide work/life balance to ensure our employees succeed inside and outside of the office  

Compensation

$113,927.72 - $187,981.83

The pay range for this job is determined by various factors, including but not necessarily limited to location, responsibilities of the job, and alignment with market data. When determining a salary for this role, the following factors may be taken into consideration - contract-specific affordability, education, knowledge, skills, competencies and experience. The estimate displayed represents the salary range for this position and is just one component of Cognosante’s total compensation package for employees. It is not necessarily reflective of actual compensation that may be earned, nor a promise of any specific pay for any specific employee. 

Cognosante will not provide sponsorship for employment-based immigration benefits for this position.

What We Promise  

Cognosante employees are inspired by our bold mission to improve lives. To achieve this mission, we put our people first. No matter where they're located around the nation, our innovative workplaces enable individuals to apply their skills and experience to work toward a greater good.  

We foster a winning culture of solution creators built on innovation, collaboration, flexibility, and work-life balance. And we invest in the next generation of diverse talent to foster an inclusive, progressive, adaptable workplace that prioritizes advancement for all. As an affirmative action employer, we are committed to equal opportunity regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.   

  

Your safety during your job search is important. Recruiting communications will always be sent through one of the following corporate domain emails (@cognosante.com or @accurate.com).  

We will never send communications through any other domain, including @cognosantecareers.com, @gmail.com or @yahoo.com). We will never request payment from you, nor will we send payment to you, prior to your start date. If you have been asked to send or receive any payment, or if you have any doubt about whether you have been contacted by a Cognosante employee, please contact us at jobs@cognosante.com