Senior Information System Security Engineer,

Company: AlienVault
Location: Chantilly
Posted on: March 19, 2023

Job Description:

AT&T Global Public Sector is a trusted provider of secure, IP-enabled, cloud-based, network solutions and professional services to the Federal Government. We are dedicated to recruiting, developing, and empowering a diverse, high-performing workforce that is passionate about what they do, committed to our shared values, and dedicated to our customers' mission.Our Cyber Security Team supports the customer by investigating, analyzing, and mitigating cybersecurity incidents that attempt to breach the Customer's network infrastructure, applications, and operating systems.AT&T has an opening for a Senior Information System Security Engineerto support the Moonshot contract.The selected candidate for the ISSE role will support the customer by providing Cyber Security Architecture Analysis and Security Engineering Support. As the ISSE, the selected candidate will be called upon to perform the following tasks:Ensuring cyber security is baked into the design of new/existing operational environmentsPerform and review technical security assessments of computing environments to identify points of vulnerability, non-compliance with established cybersecurity standards and regulations, and recommend mitigation strategiesCharacterize and analyze network traffic to identify anomalous activity and potential threats to network resourcesPerform security authorization activities in compliance with Risk Management Framework (RMF) policies and procedures to include: System Security Plans (SSPs), Risk Assessment Reports, A&A packages, and Security Controls Traceability Matrix (SCTM). Assist ISSMs/ISSOs in maintaining operational security posture to ensure information systems (IS), security policies, standards, and procedures are established and followed. Performs vulnerability/risk assessment analysis to support Assessment & Authorization (A&A)Ensure that system designs support the incorporation cyber security vulnerability solutionsProvides configuration management (CM) expertise for information system security software, hardware, and firmware and leads Change Control Board (CCB) meetings.Coordinates with the Information System Security Analysts, and system administrators for control implementation and Plans of Actions and Milestones (POA&Ms) closeout requirements.Ensures systems designs support incorporation to customer continuous monitoring solutions (i.e., Vulnerability Alerts, Splunk, Enterprise Scanning, etc.)Required to become proficient on the Customer's Assessment and Authorization tool to track and document the RMF steps. Identify, assess, and recommend cyber security products for use within an operational environmentProvide subject matter expertise to the development of a common operational picture.Develop and implement security vulnerability assessments and penetration tests.Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to acceptable security levels.Maintain operational security posture for an information system or program. Apply a full range of Cybersecurity policies, principles and techniques to maintain security integrity of information systems processing classified information.Conducting vulnerability scans and recognizing vulnerabilities in security systemsPerform cyber defense trend analysis and reporting.Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk.Knowledge and understanding of cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.Required Clearance:TS/SCI with poly (#ts/sci) (#polygraph)Required Qualifications:Candidate must have 10 years of experience that can be a combination of work history and education. This equates to:Doctorate and 3 years of experience; OR Masters and 4 years; ORBachelors and 6 years; ORAssociates and 8 years; ORHS and 10 years. Must have certifications to meet minimum requirements for DoD 8570 IAT Level 2 certification requirements; level 3 requirements are acceptable as well. Level II certifications must be obtained within six (6) months:Certified Network Defender (CND)COMPTIA Cybersecurity Analyst (CYSA+)COMPTIA Security+GIAC Security Essentials (GSEC)Global Industrial Cyber Security Professional (GICSP) Implementing and Administering Cisco Solutions (CCNA)Systems Security Certified Practitioner (SSCP)Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.Develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.Ability to exercise judgment when policies are not well-defined.Knowledge of new and emerging IT and cybersecurity technologies.Effective communication skills (verbal and written) ensuring clear and effective communication with senior government leaders and technical peers.Experience with Risk Management Framework (RMF), NIST SP 800-53, Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker.Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption).Desired Qualifications:Ability to contribute in a dynamic high tempo operational environment.Ability to correlate operational concepts and apply appropriate security measures to mitigate threats or vulnerabilities.Applied knowledge of ServiceNow as well as other IA reporting tools Knowledge of computer networking concepts and protocols, and network security methodologies.Knowledge of authentication, authorization, and access control methods.Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting).Ready to join our team? Apply TodayOur Senior Information System Security Engineer's earn between $98,100 - $160,000. Not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.Joining our team comes with amazing perks and benefits:Medical/Dental/Vision coverage401(k) plan Tuition reimbursement programPaid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays) Paid Parental LeavePaid Caregiver LeaveAdditional sick leave beyond what state and local law require may be available but is unprotectedAdoption Reimbursement Disability Benefits (short term and long term)Life and Accidental Death Insurance Supplemental benefit programs: critical illness/accident hospital indemnity/group legal Employee Assistance Programs (EAP)Extensive employee wellness programs Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone Job ID 2309756 Date posted 03/14/2023

Keywords: AlienVault, Chantilly , Senior Information System Security Engineer,, Other , Chantilly, Virginia