Information System Security Engineer 2

Company Overview

By Light Professional IT Services LLC readies warfighters and federal agencies with technology and systems engineered to connect, protect, and prepare individuals and teams for whatever comes next. Headquartered in McLean, VA, By Light supports defense, civilian, and commercial IT customers worldwide. 

Cole Engineering Services (CESI), a By Light company, is recognized as a premier provider of modeling and simulation (M&S) training solutions to the Federal Government and industry. Since 2004, CESI has been at the forefront of developing, maintaining, and integrating simulation-based training, serious gaming, technical services, training and other support in live, virtual, constructive, and gaming (LVCG) domains.  CESI also designs, builds and runs infrastructure, platforms, applications and processes that enable cyber training for the integrated multi-domain force. Our vision is to become a worldwide full spectrum LVCG and cyber training/analysis developer, integrator and services provider.

Position Overview

Cole Engineering (CESI) is looking for a technically proficient Information Systems Security Engineer II (ISSE) who will perform critical engineering tasks to develop and maintain the cybersecurity posture of Department of Defense (DoD) information systems. Candidates will work within a team to ensure the security and integrity of our systems through robust patch management processes and adherence to Security Technical Implementation Guides (STIG) checklists. Candidates will work closely with development teams to assess vulnerabilities, implement security patches, and maintain compliance with DoD security standards. 

Responsibilities

• Develop creative technical and procedural solutions to effectively secure information systems without introducing significant operational overhead.
• Perform technical implementation of security functionality to comply with NIST SP 800-53A controls and ensure the protection of computer systems, networks, and information.
• Validate security components are operating efficiently and are providing the expected insight into the information system through continuous monitoring
• Maintain the security posture of the information system through applying periodic DISA STIG configurations and vulnerability patch updates
• Perform self-assessments of information systems using manual and automated compliance tools in support of obtaining or maintaining a DoD RMF ATO.
• Propose justification and mitigating countermeasures to reduce or eliminate risk level of an identified vulnerability.
• Minimum 5 years of experience working in Information Security or general IT areas related to risk management, controls assurance, compliance programs, cybersecurity and information security industry standards.
• Systems administration skills, experience with security settings, services, hardening of systems (STIGs, security policies); any shell scripting a plus.
• Formal technical documentation skills.

Required Experience/Qualifications

• Develop creative technical and procedural solutions to effectively secure information systems without introducing significant operational overhead.
• Perform technical implementation of security functionality to comply with NIST SP 800-53A controls and ensure the protection of computer systems, networks, and information.
• Validate security components are operating efficiently and are providing the expected insight into the information system through continuous monitoring
• Maintain the security posture of the information system through applying periodic DISA STIG configurations and vulnerability patch updates
• Perform self-assessments of information systems using manual and automated compliance tools in support of obtaining or maintaining a DoD RMF ATO.
• Propose justification and mitigating countermeasures to reduce or eliminate risk level of an identified vulnerability.
• Minimum 5 years of experience working in Information Security or general IT areas related to risk management, controls assurance, compliance programs, cybersecurity and information security industry standards.
• Systems administration skills, experience with security settings, services, hardening of systems (STIGs, security policies); any shell scripting a plus.
• Formal technical documentation skills.

Required Certifications:

• This position requires certifications necessary to meet IAT II in accordance with DoD 8570-01-M.
• One or more of the following certifications are required within 90 days of hire date.GSEC; Security+ 
• SSCP
• CCNA Security 
• CEH

Preferred Experience/Qualifications

• Experience securing and managing containerized environments, including Kubernetes clusters. 
• Knowledge of security best practices or container orchestration platforms (e.g. Docker, Kubernetes)
• Experience with VMware products, including vSphere, vCenter, and ESXi.
• Knowledge of securing virtualized environments, including virtual machines patching and compliance.
• Experience working with Linux.

Special Requirements/Security Clearance

In accordance with the specifications of a government contract, eligibility for this position mandates U.S. Citizenship status and a SECRET to TS/SCI security clearance. The precise security clearance requisites will be detailed in the Government's Task Order.

Benefits Overview

CESI recognizes that our strength is our people. We support every employee as an individual to build strong teams across the enterprise.  Our benefit package includes:

• Medical, Dental & Vision Coverage
• Wellness Program
• 401(k) Matching
• Disability (Short Term & Long Term)
• Employee Assistance Program
• Life Insurance
• Education & Training
• Generous Leave Policy (11 Federal Holidays, PTO, Military Leave, Bereavement and Jury Duty)

Cole Engineering Services, Inc. is an equal opportunity employer. We consider qualified applicants without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, political affiliation, age, marital status, disability, genetic information, veteran status, membership in an employee organization, or any other basis prohibited by federal, state, or local laws.