IT Information Assurance/Security Engineer, Senior

Herndon, VA
JOB TITLE: IT Information Assurance/Security Engineer, Senior
CLEARANCE: TS/SCI w/CI Poly
WORK LOCATION: On client site. Herndon, VA
REMOTE WORK: Remote work is not authorized.
TRAVEL: None
 
JOB DESCRIPTION
We are seeking an Expert IT Information Assurance/Security Engineer to lead and enhance our large enterprise cloud-based systems and applications. In this pivotal role, you will ensure compliance with ISSO roles and responsibilities as defined by agency directives, while performing critical tasks in support of various information assurance programs. Your expertise will be instrumental in security authorization activities, following Risk Management Framework (RMF) policies, and developing essential documentation including System Security Plans (SSPs), Risk Assessment Reports, and Security Controls Traceability Matrices (SCTM). You will also be responsible for crafting Security Test Procedures (STP), conducting self-assessments, and validating security designs to maintain a robust operational security posture.
As a key member of the team, you will analyze system audit logs to detect anomalous activities and potential threats, as well as perform vulnerability assessments to identify and mitigate risks within security systems. Your comprehensive understanding of cybersecurity policies and techniques will help ensure the integrity of information systems, particularly those processing classified information. Collaborating closely with government customers, you will support continuous monitoring (ConMon) activities, manage computer security incidents, and ensure compliance with regulatory standards. Additionally, you will maintain thorough documentation within government record-keeping systems like Xacta, provide configuration management for security-relevant components, and conduct risk analysis for significant changes to applications and systems.
JOB DUTIES
  • Ensure compliance with ISSO roles and agency directives.
  • Develop and maintain System Security Plans (SSPs).
  • Conduct security authorization activities in compliance with RMF.
  • Create and implement Security Test Procedures (STP).
  • Perform self-assessments to validate security designs.
  • Maintain operational security posture for information systems.
  • Conduct STIG reviews and self-risk assessments.
  • Analyze system audit logs for anomalous activities.
  • Perform vulnerability scans and remediation.
  • Ensure effectiveness of cybersecurity-enabled products and controls.
  • Identify security gaps and recommend improvements.
  • Collaborate with government customers on ConMon activities.
  • Manage computer security incidents and vulnerability compliance.
  • Input and maintain documentation in Xacta.
  • Provide configuration management for security-relevant software, hardware, and firmware.
  • Conduct risk analysis for significant application/system changes.
  • Provide input for Risk Management Framework process activities.
  • Stay informed about cybersecurity trends and regulatory changes.
  • Engage in training and mentorship of junior staff.
  • Develop policies and guidelines for information security.
  • Conduct periodic security reviews and audits.
  • Collaborate with cross-functional teams to enhance security protocols.
  • Participate in incident response planning and execution.
  • Review and analyze threat intelligence data.
  • Advocate for security best practices across the organization.
QUALIFICATIONS
Minimum Years of Experience:
  • Relevant Job Experience Required: 8 years
  • Overall IT Experience Required: 10 years
Technical Skills and Experience:
  • FISMA and NIST compliance expertise
  • Security Control Assessment (NIST SP 800-37, 800-53)
  • Risk analysis and assessment methodologies
  • Proficiency in Splunk
  • Experience with Amazon Web Services (AWS)
  • Familiarity with Xacta for documentation
  • Strong written and verbal communication skills
  • Experience in policy development for Federal/DoD Information Security
  • Ability to analyze complex security data
  • Familiarity with cybersecurity incident response procedures
  • Knowledge of STIGs and vulnerability management
  • Understanding of Continuous Monitoring (ConMon) practices
  • Experience in identifying and mitigating security risks
  • Strong organizational skills and attention to detail
  • Ability to lead security reviews and audits
  • Familiarity with risk management processes
  • Ability to train and mentor junior staff
  • Strong analytical skills for threat detection
  • Knowledge of cybersecurity technologies and tools
  • Understanding of OMB Information Security directives
  • Experience developing and implementing security policies
  • Understanding of FISCAM compliance
Education:
  • Bachelor’s degree in computer science, software engineering or other equally relevant field.
Certification(s):
  • Currently Active:
    • Active Security+
    • CISSP
    • CISA or equivalent (DoD 8570 IAM 2)
PROFESSIONAL ATTRIBUTES & VALUES
We are looking for a professional who exemplifies the following core values:
  • Integrity and Accountability: Demonstrates principled character, consistently upholding honesty and taking responsibility for their actions with the highest ethical standards.
  • Respect and Diversity: Treats others with dignity and fairness, valuing diverse perspectives to foster an inclusive and collaborative work environment.
  • Effective Communication: Delivers clear, accurate, and timely written and verbal communications, ensuring comprehensive understanding from the first conveyance.
  • Interpersonal Skills: Exhibits a courteous and approachable demeanor, fostering positive relationships and promoting teamwork.
  • Continuous Improvement: Proactively seeks opportunities for growth through self-assessment, professional development, and constructive feedback.
SoundWay is an Equal Opportunity Employer (EOE): 
SoundWay is committed to diversity, equity, and inclusion. We provide equal employment opportunities without discrimination based on race, religion, age, gender, disability, veteran status, or any other protected characteristic.
Join SoundWay and bring your unique talents to a team that truly values and respects every individual.
ABOUT SOUNDWAY
Continued Service to Country through Contracting.
 
BENEFITS
SoundWay Pays 100% of the Employee’s Premium for the below benefits and *SoundWay pays a portion of the additional cost to add a spouse, partner, child(ren), or family.
  • Medical Insurance*
  • Dental Insurance*
  • Vision Insurance*
  • Short-Term Disability Insurance
  • Long-Term Disability Insurance
  • Basic Life Insurance
  • Employee Assistance Program
  • Identity Theft Protection
  Additional Competitive Benefits Include:
  • 10 Paid Holidays a Year
  • Paid Time Off (combined vacation & sick time off)
  • Matching 401K Voluntary Retirement Plan
  • Flexible Spending Account
  • Professional Development Funds
PERKS
Perks for Everyone Include:
  • Flexible Work Schedules
  • Employee Referral Bonus - $2000 Minimum
  • Employee Recognition – Award$ & SWAG
  • Giving Back Sponsorship – Employee-Recommended Events, Charities, & Recipients
ABOUT US
Founded by a service-disabled Army veteran in 2011, SoundWay is dedicated to Continued Service to Our Nation Through Contracting. We fulfill this mission by empowering our clients to succeed, enabling our employees to excel, and making a positive impact in everything we do.
Since its founding, SoundWay has been a trusted provider of Information Technology, Cybersecurity, and Mission Support services. As an SBA-certified HUBZone, SDVOSB, and WOSB small business, we are proud to serve a diverse array of clients across the federal government, including Civil Agencies, the Department of Defense (DoD), and the Intelligence Community (IC). We also support businesses with government contracts, ensuring their compliance with FAR 52.204-21, Cybersecurity Maturity Model Certification (CMMC), and NIST SP 800-171 requirements.
Cybersecurity.  SoundWay is a recognized leader in Government Cybersecurity Compliance, ranked among the Top 250 Managed Security Services Providers (MSSP) for 2023. As a Cyber-AB Authorized C3PAO, we are one of fewer than 50 nationwide, offering expert guidance and certification services. Our flagship managed service, CAMO, is a groundbreaking and cost-effective solution for achieving and maintaining CMMC compliance.
Cloud & Systems Engineering.  In the realm of Information Technology Professional Services, we offer a comprehensive range of IT engineering, development, testing, integration, and administration services. Our expertise spans cloud platforms like AWS and Azure, containerization tools such as Docker and Kubernetes, as well as programming languages including .Net, C languages, Java, Python, JavaScript, and BASH. We also specialize in database management with Oracle, MySQL, and MongoDB.
