Senior Information System Security Engineer,
Company: AlienVault
Location: Chantilly
Posted on: March 19, 2023
|
|
Job Description:
AT&T Global Public Sector is a trusted provider of secure,
IP-enabled, cloud-based, network solutions and professional
services to the Federal Government. We are dedicated to recruiting,
developing, and empowering a diverse, high-performing workforce
that is passionate about what they do, committed to our shared
values, and dedicated to our customers' mission.Our Cyber Security
Team supports the customer by investigating, analyzing, and
mitigating cybersecurity incidents that attempt to breach the
Customer's network infrastructure, applications, and operating
systems.AT&T has an opening for a Senior Information System
Security Engineerto support the Moonshot contract.The selected
candidate for the ISSE role will support the customer by providing
Cyber Security Architecture Analysis and Security Engineering
Support. As the ISSE, the selected candidate will be called upon to
perform the following tasks:Ensuring cyber security is baked into
the design of new/existing operational environmentsPerform and
review technical security assessments of computing environments to
identify points of vulnerability, non-compliance with established
cybersecurity standards and regulations, and recommend mitigation
strategiesCharacterize and analyze network traffic to identify
anomalous activity and potential threats to network
resourcesPerform security authorization activities in compliance
with Risk Management Framework (RMF) policies and procedures to
include: System Security Plans (SSPs), Risk Assessment Reports,
A&A packages, and Security Controls Traceability Matrix (SCTM).
Assist ISSMs/ISSOs in maintaining operational security posture to
ensure information systems (IS), security policies, standards, and
procedures are established and followed. Performs
vulnerability/risk assessment analysis to support Assessment &
Authorization (A&A)Ensure that system designs support the
incorporation cyber security vulnerability solutionsProvides
configuration management (CM) expertise for information system
security software, hardware, and firmware and leads Change Control
Board (CCB) meetings.Coordinates with the Information System
Security Analysts, and system administrators for control
implementation and Plans of Actions and Milestones (POA&Ms)
closeout requirements.Ensures systems designs support incorporation
to customer continuous monitoring solutions (i.e., Vulnerability
Alerts, Splunk, Enterprise Scanning, etc.)Required to become
proficient on the Customer's Assessment and Authorization tool to
track and document the RMF steps. Identify, assess, and recommend
cyber security products for use within an operational
environmentProvide subject matter expertise to the development of a
common operational picture.Develop and implement security
vulnerability assessments and penetration tests.Ensure that
cybersecurity-enabled products or other compensating security
control technologies reduce identified risk to acceptable security
levels.Maintain operational security posture for an information
system or program. Apply a full range of Cybersecurity policies,
principles and techniques to maintain security integrity of
information systems processing classified information.Conducting
vulnerability scans and recognizing vulnerabilities in security
systemsPerform cyber defense trend analysis and reporting.Perform
security reviews and identify security gaps in security
architecture resulting in recommendations for inclusion in the
risk.Knowledge and understanding of cyber defense tools for
continual monitoring and analysis of system activity to identify
malicious activity.Required Clearance:TS/SCI with poly (#ts/sci)
(#polygraph)Required Qualifications:Candidate must have 10 years of
experience that can be a combination of work history and education.
This equates to:Doctorate and 3 years of experience; OR Masters and
4 years; ORBachelors and 6 years; ORAssociates and 8 years; ORHS
and 10 years. Must have certifications to meet minimum requirements
for DoD 8570 IAT Level 2 certification requirements; level 3
requirements are acceptable as well. Level II certifications must
be obtained within six (6) months:Certified Network Defender
(CND)COMPTIA Cybersecurity Analyst (CYSA+)COMPTIA Security+GIAC
Security Essentials (GSEC)Global Industrial Cyber Security
Professional (GICSP) Implementing and Administering Cisco Solutions
(CCNA)Systems Security Certified Practitioner (SSCP)Communicate
complex information, concepts, or ideas in a confident and
well-organized manner through verbal, written, and/or visual
means.Develop or recommend analytic approaches or solutions to
problems and situations for which information is incomplete or for
which no precedent exists.Ability to exercise judgment when
policies are not well-defined.Knowledge of new and emerging IT and
cybersecurity technologies.Effective communication skills (verbal
and written) ensuring clear and effective communication with senior
government leaders and technical peers.Experience with Risk
Management Framework (RMF), NIST SP 800-53, Security Technical
Implementation Guides (STIGs) and Security Content Automation
Protocol (SCAP) Compliance Checker.Knowledge of IT security
principles and methods (e.g., firewalls, demilitarized zones,
encryption).Desired Qualifications:Ability to contribute in a
dynamic high tempo operational environment.Ability to correlate
operational concepts and apply appropriate security measures to
mitigate threats or vulnerabilities.Applied knowledge of ServiceNow
as well as other IA reporting tools Knowledge of computer
networking concepts and protocols, and network security
methodologies.Knowledge of authentication, authorization, and
access control methods.Knowledge of system and application security
threats and vulnerabilities (e.g., buffer overflow, mobile code,
cross-site scripting).Ready to join our team? Apply TodayOur Senior
Information System Security Engineer's earn between $98,100 -
$160,000. Not to mention all the other amazing rewards that working
at AT&T offers. Individual starting salary within this range
may depend on geography, experience, expertise, and
education/training.Joining our team comes with amazing perks and
benefits:Medical/Dental/Vision coverage401(k) plan Tuition
reimbursement programPaid Time Off and Holidays (based on date of
hire, at least 23 days of vacation each year and 9
company-designated holidays) Paid Parental LeavePaid Caregiver
LeaveAdditional sick leave beyond what state and local law require
may be available but is unprotectedAdoption Reimbursement
Disability Benefits (short term and long term)Life and Accidental
Death Insurance Supplemental benefit programs: critical
illness/accident hospital indemnity/group legal Employee Assistance
Programs (EAP)Extensive employee wellness programs Employee
discounts up to 50% off on eligible AT&T mobility plans and
accessories, AT&T internet (and fiber where available) and
AT&T phone Job ID 2309756 Date posted 03/14/2023
Keywords: AlienVault, Chantilly , Senior Information System Security Engineer,, Other , Chantilly, Virginia
Click
here to apply!
|