[Close] 

Mid-level Security Advisor

About Engility: Engility delivers innovative solutions to critical challenges facing the nation and the world. As a premier provider of integrated services for the U.S. government, we support the Department of Defense, intelligence community, space communities, federal civilian agencies and international customers. Engility is dedicated to making lives better, safer and more secure. Description: Engility is committed to delivering our customer mission as it happens. We love what we do and we're looking for passionate, talented people to help us lead, grow and achieve our goals. You have an opportunity to be part of a highly successful, dynamic team that has transformed the way we delivery our services and solutions are integral to the missions of our customers. We understand the importance of the work we perform and how it directly affects the security of the nation and the safety of our citizens. As a trusted partner, we work side by side with our customers, providing honest counsel and innovative solutions to high-priority challenges. A snapshot of your responsibilities include: Conduct independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37). Support creation of, and ensure approval for, Department of Defense (DOD) Risk Management Framework (RMF) Assess and Authorize (A&A) Process for development and sustainment projects. Support program and customer management, and government Authorizing Official (AO) for all information security status, policies, and procedures. Ability to work with cross functional team members to design, develop, implement and document security solutions to obtain an Authority to Operate (ATO) of Systems in accordance with NIST and FedRAMP security requirements. Develops, implements, and documents security solutions and monitors compliance to these policies and contributes to the risk analysis and project support in the area of cyber security. Perform assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Create and manage Plan of Action & Milestones (POA&M). Measure effectiveness of defense-in-depth architecture against known vulnerabilities. Lead/support meetings with senior level government and contractor staff. Qualifications: Required Qualifications: Must have a current/active TS/SCI and be willing and able to pass a CI Polygraph. Requires minimum of 6 years of demonstrated relevant analytic methodology experience Possess Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) Certification. Knowledge of the following areas required: understanding of the NIST Cybersecurity Framework, NIST 800-53 and NIST 800-171 security controls, security practices and procedures; knowledge of Cloud system design, knowledge of privacy data security control implementation and implications to a system, knowledge of current security tools available; hardware/software security implementation; encryption techniques/tools; familiarity with commercial products, current FedRAMP requirements, and civil government agency cyber security requirements. Working understanding of DoD/IC system security control requirements. Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). Experience with XACTA, Microsoft Office Suite products and briefing senior leadership. Demonstrated experience with HP Fortify Software Security Center, Assured Compliance Assessment Solution (ACAS), and familiarity with Firewalls, Intrusion Prevention Systems, and/or enterprise Antivirus software technologies. Customer-service and goal oriented. Excellent oral and written communication skills. Ability to develop and present technical presentations to senior-level leaders. Ability to work independently and as a team member under tight deadlines with changing priorities. Desired Qualifications: Desired Qualifications: Bachelor's degree in Computer Science, Cybersecurity, Computer Engineering, Information Assurance, or a related discipline and/or at least 3 years of experience. Possess CND-AU Certification; (Certified Ethical Hacker CEH , Certified Information Systems Auditor CISA , or GIAC Systems and Network Auditor GSNA ) Certified IAM level III or IAT level III Experience in Cloud Security Practices. Enable assurance for information security during all phases of agile software development and deployment Enhance & implement Cybersecurity vulnerability/A&A hardening testing Perform information security vulnerability testing and mitigate any nonconformance Integrate & test security patches and settings, document A&A artifacts Continuously evaluate and recommend innovative proven best business practices and tools to enhance defense-in-depth Perform cross domain technology security control assessments, provide CDS engineering support, and related activities Identify and assess the capabilities and activities of cybersecurity criminals or foreign intelligence entities. Produce findings to help initialize or support law enforcement and counterintelligence investigations or activities. EEO Statement: Engility Corporation is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action employer, making decisions without regard to race, color, religion, creed, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. U.S. citizenship is required for most positions. For our complete EEO/AA and Pay Transparency statements, please click here .? Department: Engineering - provided by Dice
Agile, Analysis, AntiVirus, Architecture, CISSP, Civil, Development, Encryption, Hardware, Manager, Management, Networks, Project, Risk Management, Security, Testing


Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.

More Jobs

Mid-level Security Specialist
Ft Myer, VA Engility
Mid Level Security Analyst (FISMA)
Chantilly, VA Vencore
Security Specialist (Mid Level)
Falls Church, VA ManTech
Facility Security Officer - mid-level FSO
Reston, VA ASRC Federal