Information System Security Engineer 2

Company Overview

By Light Professional IT Services LLC readies warfighters and federal agencies with technology and systems engineered to connect, protect, and prepare individuals and teams for whatever comes next. Headquartered in McLean, VA, By Light supports defense, civilian, and commercial IT customers worldwide. 

Cole Engineering Services (CESI), a By Light company, is recognized as a premier provider of modeling and simulation (M&S) training solutions to the Federal Government and industry. Since 2004, CESI has been at the forefront of developing, maintaining, and integrating simulation-based training, serious gaming, technical services, training and other support in live, virtual, constructive, and gaming (LVCG) domains.  CESI also designs, builds and runs infrastructure, platforms, applications and processes that enable cyber training for the integrated multi-domain force. Our vision is to become a worldwide full spectrum LVCG and cyber training/analysis developer, integrator and services provider.

Position Overview

Cole Engineering (CESI) is looking for a technically proficient Information Systems Security Engineer II (ISSE) who will perform critical engineering tasks to develop and maintain the cybersecurity posture of Department of Defense (DoD) information systems. Candidates will work within a team to ensure the security and integrity of our systems through robust patch management processes and adherence to Security Technical Implementation Guides (STIG) checklists. Candidates will work closely with development teams to assess vulnerabilities, implement security patches, and maintain compliance with DoD security standards. 

Responsibilities

• Coordinate patch schedules and maintain patch status documentation.
• Conduct regular assessments of systems against DoD STIG checklists and collaborate with System Administrators and Network Engineers to remediate non-compliant systems.
• Assist in the design and implementation of automated patching and compliance tools.
• Assist in internal and external security audits to ensure compliance with DoD regulations.
• Propose justification and mitigating countermeasures to reduce or eliminate risk level of an identified vulnerability.

Required Experience/Qualifications

• Minimum 2 years of experience working in Information Security or general IT areas related to risk management, controls assurance, compliance programs, cybersecurity and information security industry standards.
• Systems administration skills, experience with security settings, services, hardening of systems (STIGs, security policies); any shell scripting a plus.
• Formal technical documentation skills.
• This position requires certifications necessary to meet IAT II in accordance with DoD 8570-01-M.
• One or more of the following certifications are required within 90 days of hire date.

GSEC; Security+, SSCP, CCNA Security, CEH

Preferred Experience/Qualifications

• Experience working with patching tools such as PDQ
• Experience working with STIG checklists and utilizing tools such as eMASSter
• Experience with scanning tools such as ACAS

Special Requirements/Security Clearance

In accordance with the specifications of a government contract, eligibility for this position mandates U.S. Citizenship status and a SECRET security clearance. The precise security clearance requisites will be detailed in the Government's Task Order.

Benefits Overview

CESI recognizes that our strength is our people. We support every employee as an individual to build strong teams across the enterprise.  Our benefit package includes:

• Medical, Dental & Vision Coverage
• Wellness Program
• 401(k) Matching
• Disability (Short Term & Long Term)
• Employee Assistance Program
• Life Insurance
• Education & Training
• Generous Leave Policy (11 Federal Holidays, PTO, Military Leave, Bereavement and Jury Duty)