Information Security Specialist
Information Security Analyst Job 23 miles from Gaithersburg
Type of Requisition:
Regular
Clearance Level Must Currently Possess:
Top Secret
Clearance Level Must Be Able to Obtain:
Top Secret SCI + Polygraph
Public Trust/Other Required:
None
Job Family:
Cyber Engineering
Job Qualifications:
Skills:
Cybersecurity, Information Assurance, IT Development
Certifications:
None
Experience:
8+ years of related experience
US Citizenship Required:
Yes
Job Description:
Own your career as an Information Security Specialist at GDIT. Here, you'll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients' missions and ensuring we anticipate the threats of tomorrow.
At GDIT, people are our differentiator. As an Information Security Specialist you will help ensure today is safe and tomorrow is smarter. Our work depends on an Information Security Specialist joining our team to support our Department of Defense (DoD) customer in multiple regions of the Continental United States (CONUS).
HOW AN INFORMATION SECURITY SPECIALIST WILL MAKE AN IMPACT
The successful candidate will participate in software and systems engineering and software systems research to develop new capabilities, ensuring cybersecurity is fully integrated, and will conduct comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems. The candidate will design, develop, test, and evaluate information system security throughout the systems development life cycle. You will test, implement, deploy, maintain, and administer the infrastructure hardware and software, conduct risk assessments, and provide recommendations for application design and accreditation, including ATO and eMASS. You will be responsible for the full range of security issues, including architectures, firewalls, electronic data traffic, and network access. You will use encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research. You will participate in the design and development of new systems, applications, and solutions for external customer enterprise-wide cyber systems and networks.
Additionally, you will ensure the logical and systematic conversion of customer or product requirements into total systems solutions that acknowledge technical, schedule, and cost constraints, integrate new architectural features into existing systems and infrastructures, and design cybersecurity architectural artifacts. You will provide architectural analysis and relate existing systems to future needs and trends, embed advanced forensic tools and techniques for attack reconstruction, provide engineering recommendations, and resolve integration/testing issues.
Adhere to DAAPM 2.2, JSIG Rev 4, ICD-503, and other applicable documentation for our systems and architectures.
Develop and sustain the Security Authorization or Assessment and Accreditation (A&A) for pertinent systems.
Maintain coordination with customers and stakeholders to ensure realistic schedule milestones are achieved.
Deliver all required documentation as directed and needed.
Ensure all Security Authorization documentation is updated as required and in concert with established or developed RMF documentation.
Develop schedules and requirements to achieve Authority to Operate (ATO) and lead the team to the successful achievement of IATO and ATO.
Collect and document relevant governing authority Security Controls.
Develop Security/RMF Packages and perform any modifications throughout the lifecycle of the information system.
Collaborate with key stakeholders to identify additional controls that are applicable to ensure positive security postures.
Provide oversight and advisory activities as needed.
Develop and deliver all Plans of Actions & Milestones (POA&Ms) for each system as needed.
Participate in project discussions and support stakeholder communications by working and communicating directly with the customer.
Identify, track, and report security requirements throughout the security process for all assigned information systems.
Provide timely and detailed responses to all requested information requests.
Learn and sustain knowledge and understanding of all system configurations, architecture, and installed software.
WHAT YOU'LL NEED TO SUCCEED:
Certifications required: Security+
Certifications Preferred: CISSP, CCSP, CE|H, ITILv4, AWS Cloud Practitioner, AWS Certified SysOps Administrator, Linux Essentials, MCTS, CCAP, CSCP, CSIS, CIOS, Cloud+, Network+, A+, Project+, HBSS, AES, SPLUNK, ACAS, and eMASS Certified
Education: Bachelors or Higher
Required Years of related Experience: 8+
US Citizenship Required
GDIT IS YOUR PLACE:
● 401K with company match
● Comprehensive health and wellness packages
● Internal mobility team dedicated to helping you own your career
● Professional growth opportunities including paid education and certifications
● Cutting-edge technology you can learn from
● Rest and recharge with paid vacation and holidays
The likely salary range for this position is $116,979 - $138,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Scheduled Weekly Hours:
40
Travel Required:
None
Telecommuting Options:
Onsite
Work Location:
USA VA Alexandria
Additional Work Locations:
Total Rewards at GDIT:
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation's most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
Information Systems Security Manager (ISSM)
Information Security Analyst Job 5 miles from Gaithersburg
EchoStar has an exciting opportunity for an Information Systems Security Manager (ISSM)/Information Systems Security Officer (ISSO) in our Hughes Network Systems division to join our team to support various government customers for multiple Defense and Government Systems Division (DGSD) initiatives. The position will provide strategic and tactical “day-to-day” support for Collateral and Classified activities. This position is located at our headquarters in Germantown, Maryland.
Responsibilities:
Recommend resource allocations required to securely operate and maintain the DGSD IA requirements.
Participate in information system risk assessment during the A&A process
Oversee cybersecurity and certification of a CUI environment including CMMC
Develop security requirements for hardware, software, and service acquisitions specific to DGSD networks
Identify alternative functional IA security strategies to address DGSD security concerns and develop plans capable of implementation.
Evaluate the adequacy of security measures proposed or provided in response to requirements listed in acquisition and operations documents
Develop and implement programs to ensure systems, network, and data users are aware of, understand, and follow DGSD IA policies
Evaluate IT enclave systems, assess risk posture and system security findings, and recommend mitigation and/or remediation actions
Work with IT network security best practices, applying policies, performing routine IT security scans and generating reports
Basic Requirements:
Bachelor's degree in information systems, computer science, cyber security, related technical field or combination of education and experience
10 years of overall experience
3+ years of experience as an ISSO
3+ years' experience using RMF and Incident management and response experience
Security+ certification
3+ years' experience with computer networking concepts, protocols, and network security methodologies
3+ years' experience with and knowledge of DoD and US Government (USG) information system (IS) accreditation and certification policies, standards, and governance, to include NIST FIPS Publications, DoDI 8500.2, and DISA STIGs
3+ years' experience in Information security program management and project management principles and techniques
3+ years' experience in System administration, network, and operating system hardening techniques
3+ years' experience as an advanced user of any Unix/Linux derived operating system
3+ years' knowledge of configuring and using Windows Server and Workstation
Must be capable of obtaining and holding a Top Secret U.S. government security clearance
Preferred Qualifications:
CISSP certification
Expertise in computer networking concepts, protocols, and security methodologies including host & network access control mechanisms
Well versed in Risk Management processes (e.g., methods for assessing and mitigating risk) and management of cybersecurity threats and vulnerabilities
Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures and current/emerging threats or threat vectors
Practitioner of cybersecurity best practices used to manage risks related to the use, processing, storage, and transmission of information or data
Practitioner of current industry methods for evaluating, implementing, and disseminating IT security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities
Experience in Business Continuity and disaster recovery continuity of operations plans, system life cycle management principles, including software security and usability
Experience facilitating scheduled risk reviews as well as developing custom reports, layouts, and filters; ability to coordinate Project Team meetings
Will be eligible for discretionary bonus, with funding based on company performance
Information System Security Officer - CI Poly
Information Security Analyst Job 16 miles from Gaithersburg
Piper Companies is seeking an experienced ISSO- CI Poly who can work onsite in Herndon, VA. The ISSO - CI Poly will be responsible for the lifecycle of Information Systems and once authorized, the ISSO- CI Poly will maintain compliance with all applicable CONMON requirements.
Responsibilities of the ISSO - CI Poly include:
Plan, manage and provide support to ensure the completion of all assessment and authorization activities per Intelligence Community Directive 503.
Maintain compliance with all applicable CONMON requirements
Conduct weekly audits, vulnerability scanning, briefings and reviews of the System Security Plan
Requirements for the ISSO - CI Poly include:
3+ years' experience as an Information Systems Security Officer
Strong knowledge of the Intelligence Community Directive (ICD) 503 and Risk Management Framework
In-depth knowledge of Windows, Linux, Unix and AWS
Strong experience implementing DISA STIGs
Strong experience with compliance tools (Nessus, HBSS and Splunk)
Professional Certifications (CISSP, Security+, CASP, CCNA)
US Citizen with an active TS/SCI clearance and CI Polygraph
Compensation for the ISSO - CI Poly include:
Salary Range: $130,000 - $160,000, Depending on Experience
Comprehensive benefits package
PTO and Paid Holidays
Keywords: Information System Security Officer, Senior Information System Security Officer, CI poly, Counterintelligence poly, Poly, Intelligence Community Directive 503, ICD 503, Risk Management Framework Process, DISA STIGs, Nessus, HBSS, Splunk, NISTs, CNSSI, CISSP, Security+, CASP, CCNA, Windows, Linux, Unix, AWS
Cyber Security Training Specialist
Information Security Analyst Job 19 miles from Gaithersburg
Responsibilities
Developing, maintaining, and administrating cybersecurity training programs to ensure compliance with Federal requirements. In person training shall be delivered when requested. Trainings will deal with NIST, FISMA, RMF, and the like.
Track, analyze, and trend users' compliance with cybersecurity training to include role-based training, social engineering training, annual awareness training, and ad-hoc training.
Conduct monthly and ad-hoc simulated social engineering exercises; generate and analyze reports based on the exercises.
Review the customer's cybersecurity training program, identify gaps, and recommend remediation steps.
Basic Qualifications:
Assesses, designs, and conceptualizes training scenarios, approaches, objectives, plans, tools, aids, and curriculums. Develops and revises training courses.
Trains personnel by conducting formal classroom courses, workshops, and seminars.
3 or more years of experience as a cybersecurity/technical trainer
Senior Information Security Specialist
Information Security Analyst Job 18 miles from Gaithersburg
Support maturing and improving vulnerability management processes. Provide technical expertise and assist with the establishment and implementation of formal vulnerability management programs, including standard operating procedures and processes that govern all phases of the vulnerability management lifecycle in the Public Sector.
What You Will Do:
The following duties and responsibilities include performing hands-on vulnerability scanning and management, patching systems, designing mitigation strategies, and authoring vulnerability-related products (including program doctrine, analysis reports, and other documents required as part of a formal VM program). Specific responsibilities shall include, but are not limited to, the following:
Author / amend the Board's VM Program document to serve as the primary tool for designing the ideal VM program for the Information Security Branch.
Support the implementation of a formal VM program with a variety of product types (e.g., program documents, policy documents, mitigation strategies, analysis reports, standard operating procedures).
Support the expansion of the VM program to include endpoints, mobile devices, cloud infrastructure, and more.
Research new vulnerability capabilities and recommend solutions that can be employed within the Board's infrastructure.
Support the deployment of new capabilities.
Adapt the Board's VM program as needed to support the implementation of a zero-trust architecture.
Build dashboards, metrics, and reports that convey the health and stability of the VM program.
Generate reports to measure the Board's progress in meeting vulnerability remediation targets.
What You Will Need:
US Citizen Requirement
Candidate will work onsite one day a week.
Experience with one or more security technologies, including vulnerability scanners and SIEM solutions: including specific systems Tenable, Nessus, Invicti, Splunk, and other vulnerability management solutions (e.g., enterprise patch management).
Experience managing vulnerabilities in both on-premises systems and in cloud environments, (e.g. Amazon Web Services, Microsoft Azure, Google Cloud, and Data Centers).
Familiarity with relevant industry standards and regulations. This should include specific requirements of federal government institutions and general best practices for a quality vulnerability management program.
Experience identifying and developing mitigation strategies. This includes designing mitigations that specifically address vulnerabilities, working with system owners to patch systems, and identifying adequate solutions to remediate vulnerabilities where patching is not possible.
Experience analyzing data and identifying vulnerabilities. This extends beyond running a scan and identifying vulnerabilities found by the system. This includes analyzing systems, network configurations, web applications, and architectural diagrams, as well as identifying top vulnerabilities such as those listed in the OWASP “Top Ten” and understanding how those vulnerabilities work at the programmatic level.
Experience with workflows, forms, and other enabling technologies that may be needed to operationalize the vulnerability management program.
Experience supporting the implementation of a Zero Trust Architecture.
Experience building dashboards, metrics, and reports that convey the health and stability of a vulnerability management program.
What Would Be Nice To Have:
Software needs might include ServiceNow, SharePoint, Adobe Forms, automated email messaging, PowerApps, Tableau for visualization, and Splunk.
Information Systems Security Officer (ISSO)- Top Secret Clearance- Washington, DC
Information Security Analyst Job 19 miles from Gaithersburg
Zachary Piper Solutions is seeking an Information System Security Officer (ISSO)/Information Assurance, to support a government consulting firm in Washington, D.C. for a 100% on-site opportunity. The ISSO is responsible for ensuring the security and compliance of the customer's critical systems.
Responsibilities of the ISSO:
Establish and maintain Configuration Management of documentation
ID, assess, and document threats to designated systems
Conduct cybersecurity tests
Create, maintain, and train disaster recovery and incident response plans
Contribute to schedule development
Contribute to metric collection
Contribute to process development within the functional area and where the functional area connects to other operational processes.
Qualifications of the ISSO:
5-10 years of experience as an ISSO and working in information security, compliance, and experience working with government projects
Strong background in cyber-security
Demonstrated on-the-job knowledge and experience with reviewing security concepts of operations, systems security plans, security control assessments, contingency plans, configuration management plans, incident response plans, vulnerability scanning, and/or vulnerability management plans.
2+ years of experience with one or more of the following: ICD-503, JSIG, RMF, NIST, FIPS, CNSSI 1253, Nessus, A&A.
Bachelor's Degree
Active Top Secret Clearance required
Compensation for the ISSO:
Salary range: $100,000-$130,000 ***depending on experience***
Full Benefits: Cigna Medical, Dental, Vision, 401K, etc.
KEYWORDS: ISSO, Information System Security Officer, SSO, Systems security Officer, Information System Security, Information Systems security, Systems security, Active Top Secret clearance, Active Top Secret, Top Secret Clearance, TS, poly, polygraph, documentation, configuration management, cybersecurity, cyber security, top secret, top-secret, TS, TS-SSBI, TS-SBI, TS/SCI, TS/SBI, TS/SSBI, top secret/sci, TSSCI, TS-SCI, poly, polygraph, Cipoly, FSPoly, FSP
Information Security DLP Process Senior
Information Security Analyst Job 14 miles from Gaithersburg
Immediate need for a talented Information Security DLP Process Senior. This is a 06+ Months Contract opportunity with long-term potential and is located in McLean, VA (Hybrid). Please review the job description below and contact me ASAP if you are interested.
Job ID: 24-48434
Pay Range: $60 - $65/hour. Employee benefits include, but are not limited to, health insurance (medical, dental, vision), 401(k) plan, and paid sick leave (depending on work location).
Key Responsibilities:
Lead the effort of enhancing the existing Data Loss Prevention (DLP) exclusions/exceptions (“exclusions” henceforth) process on behalf of the Cyber DLP team.
The scope of the enhancement includes both process and technology.
Thoroughly understand the DLP architecture, defined processes and procedures, and suggested enhancements. Advise on alternative methods for enhancement.
Liaise with key stakeholders that are core to the DLP exclusions process to execute upon the defined enhancement plan.
Note the key stakeholders span across Information Security, Information Technology, and the Lines of Businesses.
From a technology perspective, the resource will have to engage with the Client, Jira, SharePoint, and Client teams at a minimum to design and deploy the enhanced process/workflow.
Develop/update and communicate comprehensive enhanced program documentation.
Engage and assist teams to review and update where required existing DLP exclusions.
Assist in execution of the team's tasks as requested.
Key Requirements and Technology Experience:
Skills-DLP (Data loss prevention), business analysis, Jira.
At least 5 years of related experience in the technical DLP space and with technical/process writing.
Ability to communicate effectively, persuasively, and credibly with internal management and partners/stakeholders.
Experience with the following tools: DLP tools, MS Office suite including MS Visio, SharePoint, Client, Jira, Client.
Experience with MS Project preferred.
Time flexibility to potentially support incorporating changes after 8PM ET if required.
Ability to adapt, work in and thrive in a frequently changing environment.
Excellent teaming skills.
View obstacles and gaps as an exciting challenge, focus on providing detailed solutions to solve problems.
Our client is a leading Financial services Industry and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration.
Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
By applying to our jobs you agree to receive calls, AI-generated calls, text messages, or emails from Pyramid Consulting, Inc. and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy here.
Information System Security Officer - CLEARED
Information Security Analyst Job 19 miles from Gaithersburg
RDTS is seeking an experienced Information System Security Officer (ISSO) to provide Systems Assessment and Authorization support to the US Department of the Treasury's Departmental Offices (DO), Office of the Chief Information Officer (OCIO).
This position requires both the technical ability to provide independent assessments and plans for current enterprise applications and systems, and the interpersonal skills to oversee effective inter/intra-departmental collaborations to ensure effective operations. Personnel selected for this role will work with RDTS leadership to oversee the program and Government personnel to develop a plan based on scheduled system and application analysis to meet mission needs of the Department of Treasury DO.
Duties and Responsibilities:
The overall duties and responsibility for this position are to perform a security assessment (either full or partial) on each system (up to nine systems) assigned in the Enterprise Applications Cybersecurity portfolio.
The list of systems requiring security assessments will be provided by the Program Manager and Government Lead based on the current team workload.
The ISSO will work independently to perform IT audits on complex information systems, applications, and enclaves to ensure that appropriate controls exist, are correctly implemented, and that procedures are in compliance with NIST, Federal, and DOD standards.
The candidate will conduct cybersecurity control validation exercises on classified and unclassified networks, applications, and systems to validate the effectiveness of current security measures.
He/She will conduct accurate evaluation of the level of security required.
He/She will perform all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
The individual will provide technical support in the areas of vulnerability assessment, risk assessment, network security, and security implementation.
The candidate will provide technical evaluations of customer systems and assist with making security improvements.
The candidate will also develop a Security Assessment Plan (SAP) (Per NIST SP 800-53A, TD P 85-01, and TSSEC Policy - or DO P 910 if applicable) that describes the scope of the system assessment.
The SAP shall include:
Security controls and control enhancements under assessment.
Assessment procedures to be used to determine security control effectiveness.
Assessment environment, assessment team, and assessment roles and responsibilities.
The results of the security assessment shall be documented in the Security Assessment Report (SAR), Security Requirements Compliance Matrix (SRCM), and the Plan of Actions and Milestones (POA&M).
Requirements:
Bachelor's Degree in Computer Science, IA or other cyber discipline.
Five (5) to Ten (10) years relevant experience.
Must possess fundamental understanding of Splunk applications.
Experience with Tenable, Qualys, DB Protect, Websense or a similar security scanner.
Must have strong understanding of DISA STIG and CIS Benchmark configurations.
Must be able to weigh business needs against security concerns and be able to analyze applied mitigations to evaluate whether they meet security requirements.
Must be a US citizen.
Must be able to obtain and maintain a security clearance.
Specialized Requirements:
Experience with scripting.
Experience with host based and application layer scan technologies.
Knowledge of Azure, AWS, Oracle OCI or similar cloud-based systems.
Strong knowledge of security fundamentals and common vulnerabilities clearance.
Experience with the full stack of information technologies and associated security models, including server/OS, database, hardware, network devices, user compute application/SDLC, etc.
Experience working with cyber security and vulnerability management.
Ability to work in a fast-paced work environment and open to quickly adjusting to meet Customer needs.
All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.
All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, age, marital status, pregnancy, genetic information, or other legally protected status.
Information Security Analyst
Information Security Analyst Job 30 miles from Gaithersburg
Tyto Athene is searching for an Information Security Analyst for Systems Security and Operations who will support the customer Enterprise Cybersecurity Operations Support Team, responsible for protecting the information and assets within the customer's information technology infrastructure. The customer's information resources are sensitive assets and are critical in the performance of its mission; therefore, information security services help safeguard the information resources entrusted to the customer. The ideal candidate will have experience in managing systems in compliance with regulatory frameworks such as FISMA/NIST. The IT Security Analyst for Systems Security and Operations will work closely with cross-functional teams to ensure the integrity, confidentiality, and availability of systems and data, as well as implement and enforce security policies and procedures.
Responsibilities:
Monitor the network and associated systems for security related incidents, evaluate current threats and provide recommendations for remediation and reporting for any identified incidents to the Information Systems Security Manager (ISSM).
Use DOD/DAU provided tools to continually assess the security posture of the DAU Network and all connected systems as well as evaluating new systems and changes to existing systems for configuration weaknesses prior to production deployment of the systems.
Support and manage Cybersecurity tools that enable the delivery of cyber security services. These include: security filtering, network monitoring, host based monitoring, event logging and correlation, and scanning tools.
Cybersecurity Vulnerability Management (IAVM) and DISA VDP Reviews
Conducts cyber threat intelligence analysis, develops correlation techniques, correlates actionable cybersecurity events, participates in the coordination of resources during incident response efforts, and reports and tracks incident findings and resolutions to customers that include trends, responses, and mitigation actions.
Assesses, plans, and enacts measures including refinements to cybersecurity architecture, tools configurations, and detection signatures to help protect customers from security breaches and attacks on its computer networks and systems
Required:
Two (2)+ years of relevant experience.
DoD 8570 Compliant for IAT Level II or above: Possess a CASP+ CE, CCNA Security, CCNP Security, CCSP, CISA, CISSP (or Associate), CND, CySA+, GCED, GCIH, GICSP, GSEC, Security+ CE, or SSCP certification.
DoD 8570 Compliant for CSSP Analyst: Obtain a CCNA Cyber Ops, CCNA-Security, CEH, CFR, Cloud+, CySA+, GCIA, GCIH, GICSP, PenTest+, or SCYBER certification within 6 months of start date.
Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, Zero Trust, defense-in-depth, and common security elements.
Understanding of Anti-Virus, HIPS/HBSS, IDS/IPS, Full Packet Capture, Network Forensics, and complex technical reports on analytic findings.
Understanding of malware analysis concepts and methods.
Education/Certifications
· Bachelor's degree in Computer Science or related field
Clearance Requirement: Active Secret Clearance OR the ability to obtain one.
About Tyto Athene
Tyto is an IT services and solutions company that provides mission-focused digital transformation to enhance the client experience and enable them to achieve desired outcomes. Tyto's services and solutions embody its domain expertise in four major Technology domains: Network Modernization, Hybrid Cloud, Cyber Security, and Enterprise IT. Tyto offers a broad range of service delivery models including design/install projects, Managed Services, and 'As-a-Service'. With over fifty years of experience, Tyto supports Defense, Intelligence, Space, National Security, Civilian, Health and Public Safety clients across the United States and around the globe.
Information System Security Officer
Information Security Analyst Job 16 miles from Gaithersburg
Title: Information Security Analyst/Cloud Security Analyst - ISSO
Duration: 1 year contract
Compensation: $50/hr to $62/hr.
Required Skills and Experience *
- 8+ years of Security Analyst experience
- 2+ years working in a Cloud environment and FedRAMP protocols
- Expert in FIPS 199 process
- Expert with FISMA, risk management framework
- 4+ years with POAM spreadsheets and understanding how to collect the information for a POAM
- 4+ years with SSPs and understanding how they are written
- Experience using Telos Xacta or similar tool
- Knowledge of CSAM or EMASS
- 3+ years of experience running security assessments
- Must be comfortable going onsite in Herndon 1-3x per week or as needed
Job Description *
This position is for our large software client. This person will join the Security Compliance Team, which supports the FedRAMP and FISMA authorization of new Cloud Products and 3rd Party Applications into their various cloud environments. This team supports their commercial, corporate, and government environments.
The Security Analyst will be responsible for maintenance of the security documentation for the various environments, which may include development of metrics and trends, input of security documentation into Xacta, assisting with the FedRAMP or FISMA authorization processes to include prep of the operations team, and documentation summary and update as required. This role serves as a mid-level security analyst who assists with the security documentation and can provide thoughtful recommendations on processes and procedures, as well as implementation of security controls. This role must communicate between security, engineering, development and operations teams as required, and be able to interpret and document the results of data gathering. Key deliverables for success will be monthly maintenance of the various POAMs, keeping security documentation in Xacta current and useful, keeping processes and procedures up to date, and helping assure that all FedRAMP / FISMA security controls are successfully implemented and that associated security documentation is developed and implemented.
On a day-to-day basis, this person will be required to:
- Gather information on the implementation of the security controls by interfacing with the security engineering, operations and build teams
- Develop security documentation such as, but not limited to, System Security Plans (SSP), security plans, procedures, and processes
- Maintain, via review and update, all security documentation
- Understand the intent of the FedRAMP security controls, FISMA security controls and communicate as needed
- Assist with the FedRAMP or FISMA authorization to include, but not limited to, prep of operations team through training and mock interviews, update documentation as required, and support FedRAMP PMO/ Agency / CISO requests
Exact compensation may vary based on several factors, including skills, experience, and education.
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.
Splunk Cyber Security Solutions Engineer/Architect
Information Security Analyst Job 18 miles from Gaithersburg
At Lifescale Analytics, we help achieve data-driven decisions by leveraging strategic technologies to create innovative solutions that ultimately help our clients to navigate their ever-changing data landscape. We have an opportunity for a Splunk Cyber Security Solutions Engineer/Architect IV, preferred candidates in Morrisville, NC; Falls Church, VA; Eagan, MN but remote support in the following states is authorized: Florida (FL), Georgia (GA), Minnesota (MN), North Carolina (NC), South Carolina (SC), Ohio (OH), Tennessee (TN), Texas (TX) or Virginia (VA). Note: Relocation and travel expenses are not covered by the employer/client.
Applicants responding for this position must be a US Citizen and will be subjected to a government security investigation which requires possessing the ability to view classified government information, background checks and drug screening. All applicants applying must have lived in the US for the past 5 years and cannot have traveled out of the country more than 6 months (cumulatively) in the past five years. (Military Service excluded).
The Employer will not sponsor applicants for any employment visas, at hiring or in the future, including but not limited to H-1B or EAD visas. Corp-to-Corp or subcontract personnel will not be considered for this position.
Requirements include but not limited to:
Experience implementing dynamic detections, integrating alerting platforms with, but not limited to, Tanium, SEP, Microsoft Defender for Endpoint, Sysmon, Microsoft O365 Security alerting, Analyst1, VDI, VMware, and Linux Audit logging in conjunction with the advanced Risk-Based Alerting (RBA) security framework.
In addition, the applicant would be responsible for tuning and configuration of Splunk Core and Splunk Enterprise Security (ES) services, develop use cases with CISO end users to build content and assist in developing advanced security use cases.
Participate in requirements gathering, solutions architecting, design and build of technology solutions to support Continuous Monitoring Program.
Assist, train, and host workshops for CISO teams. Support off-hours and weekend efforts for incident investigations and systems maintenance.
Experience Level - Must have demonstrated knowledge and experience in:
10+ years of related experience in cybersecurity and NIST standards along with 5+ years of technical writing.
Develop and Implement Actionable Alerts and Workflow for Splunk as a SIEM (Security Information & Event Management) tool
Develop and Implement Apps & Knowledge Objects (KO) like Dashboard, Reports, Data Models
Work with the Splunk Architect/Admin to promote private KO to Global KO
Assist, and/or train CISO Splunk Engineering team on Data Lifecycle Support
Assist, train, and/or host workshops for CISO teams and analysts on Searching and Content Development
Develop and implement automation to improve efficiency of CISO workflows using Splunk
Assist in development of advanced security use cases in Splunk
Develop risk rules and risk incident rules to correlate and alert to significant cyber events.
Develop custom dashboards specific to RBA (Risk Based Alerting) to highlight risk detail, health analysis and risk suppression.
Configure incident response and remediation workflows for ES around notable events (RBA or otherwise alerted)
Develop custom machine learning (ML) models to support anomaly-detection based augmentation of alerting
Work with numerous stakeholders to implement & maintain event logging from various operating systems, applications, identity providers, network infrastructure, and cloud service providers.
Understanding of network protocols, operating systems, applications, and device event telemetry
Have strong communication and collaboration skills, both oral and written, with excellent interpersonal and organization skills.
Understanding of network defense tools (firewall, IPS/IDS, WAF/CDN, etc), endpoint defense tools (EDR, anti-malware) a plus
Experience with SAAS- or cloud-hosted Splunk implementation a plus.
Ability to support off-hours and weekend efforts for incident investigations and systems maintenance.
Ability to obtain a Public Trust Security Clearance.
Education:
Bachelor's degree in Business, Engineering, Management Sciences, Computer Science, Information Systems, Social Science, Education, Human Resources Development, and Psychology or other related disciplines and twelve to fifteen (12-15) years of experience or Master's degree and ten to twelve (10-12) years of related experience or PhD and eight to nine (8-9) years of related experience.
Certifications: (One or more required)
CompTIA Net+
CompTIA A+
CompTIA Security+
CPTE - Certified Penetration Testing Engineer or CEH - Certified Ethical Hacker
Additional Provisions:
Pass both a client mandated clearance process which includes drug screening, criminal history check and credit check.
Candidate must have lived in the United States for the past 5 years.
Cannot have more than 6 months' travel outside the United States within the last five years. Military Service excluded. (Exception does not include military family members.)
Who we are:
Lifescale Analytics is a small business that provides specialized expertise in data and analytics. Formed in 2012, the Lifescale Analytics team has years of experience providing a spectrum of customized data management services and solutions including Data Management/Analytics, Big Data Solutions, Cloud Services, Business Intelligence, and Data Science that focus on building strong portfolios and programs. Through experience and innovation, we allow businesses, pharmaceutical companies, financial institutions, and government agencies to manage and proactively make decisions based on their biggest asset, their data. Our specialists are skilled at managing, refining, analyzing, or visualizing information for the specific purpose of increasing the value of IT to benefit from the data science industry. This job will be remote until the client decides to have employees report to the site.
For more information, please visit our website at **************************
Security Engineer
Information Security Analyst Job 15 miles from Gaithersburg
Job Title: Cloud Security Engineer
I'm working with a pioneering provider of smart technology solutions, searching for an experienced Cloud Security Engineer to enhance their cybersecurity posture and safeguard critical assets from evolving threats. In this hands-on role, you'll be integral in designing, implementing, and maintaining cloud security measures, offering technical leadership, and driving automation improvements to fortify the organization's security framework.
Job Description:
The Cloud Security Engineer is responsible for protecting cloud-based systems and applications within diverse cloud environments, including AWS, GCP, and Azure. This role involves implementing and managing a range of cloud security tools, such as CNAPP, CSPM, CWPP, CASB, CIEM, and Wiz, to strengthen overall cloud security posture.
With expertise in threat modeling and cloud-native security practices, the Cloud Security Engineer identifies and mitigates vulnerabilities across cloud infrastructures. Collaborating with cross-functional teams, they ensure robust security protocols are in place, supporting a secure and resilient environment that aligns with the organization's cloud security goals and compliance requirements.
Information System Security Officer
Information Security Analyst Job 19 miles from Gaithersburg
Coalfire Federal is a market leading cybersecurity consultancy firm that provides independent and tailored advice, assessments, technical testing and a full suite of cyber engineering services to Federal agency customers. Coalfire Federal along with its parent company, Coalfire, has an unparalleled client list with deep customer relationships with leading cloud and technology providers including Amazon, Microsoft, IBM, Google and Oracle and Federal agencies. Coalfire has been a cybersecurity thought leader for over 20 years and has offices throughout the United States and Europe and is committed to making the world a safer place by solving our clients' toughest security challenges.
But that's not who we are - that's just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
We are on the lookout for Information System Security Officers (ISSO) to support our Federal team in the Northern Virginia / DC Metro area.
Job Summary
As an ISSO, you'll serve as the principal advisor to the information system owner (SO), ISSM, and CISO on all matters (technical and otherwise) involving the security of assigned information systems (on prem, vendor, and cloud-based).
Location
Our clientele is largely in the government space, primarily within the Washington, D.C. / Maryland / Northern Virginia (DMV) areas. While we do offer opportunities that are remote, hybrid, or on-site - a position location and travel may vary based on client needs, and so local candidates may be preferred.
What you'll do
Maintain detailed knowledge and expertise required to manage the security aspects of assigned information systems.
Ensure that the appropriate operational cybersecurity posture is maintained for assigned systems to provide confidentiality, integrity, and availability of information systems.
For each system assigned to an ISSO, the ISSO will be responsible for completing and keeping updated security documentation, such as SIA, SSP, POA&M, Configuration Management Plan, Vulnerability Reports, etc.
Participate in planning and management of all phases of the Risk Management Framework (RMF) Security Assessment and Authorization (SAA) process.
Advise system owners on all matters, technical and otherwise, involving the security of assigned IT systems.
In coordination with SO team, develop standard operating procedures in accordance with security control requirements.
Perform continuous monitoring of implemented security controls to ensure that they are implemented correctly, operating as intended and producing the desired outcome with respect to meeting the cybersecurity requirements for assigned IT systems. Conduct continuous monitoring activities, to include:
Maintenance of current ATO, conducting periodic system self-assessments, periodic scans, log reviews
Ensuring proper sanitization of media prior to disposal
Work with technical teams to mitigate security control deficiencies and scan vulnerabilities for assigned IT systems.
Assess the cybersecurity impact of changes to assigned IT systems and document findings in a security impact analysis (SIA) report.
Conduct self-assessments of security controls, identify weaknesses and track remediation activities in POA&M.
Manage the plan of action and milestone (POA&M) process for designated IT systems to provide timely detection, identification and alerting of non-compliance issues. In coordination with System Owner staff, create POA&Ms or remediation plans for vulnerabilities identified during risk assessments, audits, inspections, etc.
Provide the required system access, information, and documentation to security assessment and audit teams.
Participate in security assessments and audits for assigned systems and facilitate evidence and/or data collection for data requests related to assigned systems.
Complete required A&A activities on assigned IT systems.
Brief senior management and ISSM on the security status of assigned authorization boundaries.
What you'll bring
Strong working knowledge and familiarity with NIST publications and privacy frameworks.
Demonstrated understanding of cloud service models, hybrid models, financial applications, and mobile security technologies and tools.
Demonstrated experience supporting an industry risk management tool executing A&A activities.
Education
Completed Bachelor's degree from an accredited university in an IT related field.
Clearance / Suitability
Ability to obtain a clearance or a Public Trust is preferred, however all clearance levels and non-cleared applicants will also be considered.
Certifications
One or more of the following certifications: CRISC, CISM, or CISSP is strongly preferred
Years of Experience
At minimum 5+ years of hands-on work experience with ISSO duties: performing systems security assessments, preparing system security documentation, and/or performing security upgrades for live networks, desktop systems, servers, and enterprise databases leading to successful security authorization of such systems.
WHY JOIN US
Our people make Coalfire Federal great. We work together on interesting things and achieve exceptional results. We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve.
Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets. Regardless of location, you'll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You'll have opportunities to join employee resource groups, participate in in-person and virtual events, and more.
You'll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support memberships, and comprehensive insurance options.
Coalfire is an EEO employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Information System Security Officer/Security Specialist
Information Security Analyst Job 14 miles from Gaithersburg
Harmonia Holdings Group, LLC, an award-winning federal government contractor, has an exciting opportunity for an Information Security Specialist to join our team.
Essential Job Functions:
Responsibilities include analysis, design, development, testing, data staging, and implementation activities.
Responsible for delivering a high-quality application with a strong emphasis on secured transport of information.
Minimum Required Qualifications:
U.S. citizen or legal permanent resident (must have been a permanent resident for a minimum of 3 years).
Bachelor's degree and at least 5 years of experience working in Information Technology in the Information Security/Assurance field.
Ability to obtain and maintain a Public Trust clearance
Prior experience working on US Federal Government projects.
One or more of the following certifications: GIAC Security Essentials (GSEC), GIAC Systems and Network Auditor (GSNA), GIAC Critical Controls Certification (GCCC), Open FAIR™ Risk Management Certification; and ISC2 Certified Information Systems Security Professional (CISSP). CISSP is preferred.
This position is a hybrid role. Qualified candidates must be local to the DMV area to be able to commute into the office a couple of days a week (either McLean, VA or client site).
Knowledge, Skills, and Abilities:
Strong customer service, client-facing skills
Excellent oral and written communication skills
Demonstrated experience developing, updating, maintaining and controlling the following artifacts in accordance with the USDA IT Security Policies and NIST Special Publications and FIPS standards:
System Security Plans (SSPs).
Risk Assessments (RAs)
Information Security Continuous Monitoring (ISCM) Plans
Plan of Action & Milestones (POA&M) Closure Memos
Security Control Assessments (SCAs), including the Assessment Plan and Assessment Report
Information System Architecture Documents and other system diagrams
Configuration Management Plan
Contingency Plan
Continuity of Operations (COOP) Plan
Business Continuity Plan
Disaster Recovery Plan
Business Impact Assessment
Incident Response Plan
Security Impact Analysis (SIA)
Standard Operating Procedures (SOPs)
Any other artifacts necessary to prove the validity of system security controls and document the overall security and integrity of the information system.
Experience with developing initial Authority to Operate (ATO) packages and ATO re-authorizations and updates.
Understanding and/or experience with the use and application of the Risk Management Framework (RMF) from NIST Special Publication (SP) 800-37 and the Security and Privacy Controls for Federal Information Systems and Organizations SP 800-53. This includes conducting the activities of security categorization, security control selection and implementation, security control assessment, information system authorization, and security control monitoring.
Capable of understanding basic systems operations to apply understanding to security.
Preferred Skills:
Knowledge of Cyber Security Asset Management (CSAM) System.
Be able to assist in systems testing.
Here at Harmonia, we are pleased to have been repeatedly recognized for our outstanding work culture, the innovative work we do, and the employees on our team who make a difference each day. Some of these recognitions include:
Recognized as a Top 20 "Best Place to Work in Virginia"
Recipient of Department of Labor's HireVets Gold Medallion
Great Place to Work Certification for five years running
A Virginia Chamber of Commerce Fantastic 50 company
A Northern Virginia Technology Council Tech 100 company
Inc. 5000 list of fastest growing companies for eleven years
Two-time SBA SBIR Tibbett's Award winner
Virginia Values Veterans (V3) Certification
Cloud Security Engineer
Information Security Analyst Job 17 miles from Gaithersburg
The Cloud Security Engineer will be a subject matter expert with hands-on experience with cloud technologies, tools and methodologies with a particular focus on Microsoft Azure. The role is suited for an experienced Cloud Security Engineer with proven understanding in enterprise security and will focus on building tool sets and processes to support Navy's Cloud program.
Navy's Cloud Organization fosters a collaborative environment and is building a best-in-class Cloud program that protects Navy Federal information and cloud compute environments.
Responsibilities
Contribute to the vision, strategy, and drive execution for integrated security controls across Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), Infrastructure-as-a-Service (IaaS) for Navy's Azure environment.
Able to demonstrate a clear understanding of current risks and threats to Cloud infrastructure and/or IT infrastructures to technical and manager audiences.
Provide security consultancy and engineering support for cloud security solutions including analysis and development of Azure and other security solutions.
Provide architecture assurance on Cloud security initiatives and compliance of existing security standards interfacing with infrastructure and development teams.
Maintain the security infrastructure tools that are built on the Cloud platform, providing stability and policies and procedures.
Develop and maintain documentation of all Security products including specific tools, technologies and processes.
Participate in Information Security Incident Response activities for the NFCU's environment.
Respond to security vulnerabilities identified through periodic and on-demand system audits and vulnerability assessments of Cloud services.
Monitor compliance with the organization's information security policies and procedures among employees, contractors and third parties.
Manage remediation efforts for any gaps reported in audits or recommended process improvements.
Actively monitor new and emerging cloud security technologies, trends, issues, and solutions and assess their applicability to Navy Federal's cloud strategy.
Qualifications
Bachelor's degree in computer science, Information Technology, or similar field of study required
Hands on experience with Azure Policy and Azure initiatives management
Knowledge of Azure Policy as Code
Experience with Microsoft Defender for Cloud
Experience with Microsoft Defender for Cloud Apps and Defender for Endpoint
Experience with Azure Key Vault integration, secrets, certificate and key management
Experience with other IaaS and PaaS elements such as compute services, Data Services and App Services.
Experience with Sentinel and Azure Purview
Hands-on experience with access control technologies such as Azure AD B2C, SAML SSO, and OAuth 2.0 configuration, set-up and operations management
Understanding of encryption options in Azure such as CMK with DES and TDE
Experience with certificate management for IaaS and PaaS elements
Experience with Azure AD, Azure Resource Management Templates and Azure policies
Hands-on development and scripting skills in PowerShell 5
7+ years' experience working in a technical role with a minimum of 3 years' experience focused on cloud security and access control.
Experience with Azure DevOps permission management and overall governance
Experience with Azure Conditional Access and Privileged Identity Management (PIM)
Experience with Azure Identity Governance
Working knowledge of App registration management and enterprise Applications
Strong knowledge of information security and access controls.
Industry certification (CISSP, CISA, Azure) of high interest
Financial industry experience preferred
Hours: Monday - Friday, 8:00AM - 4:30PM
Location: 820 Follin Lane, Vienna, VA 22180 | 5510 Heritage Oaks Drive Pensacola, FL 32526 | 141 Security Drive Winchester, VA 22602 | 9999 Willow Creek Road San Diego, CA 92131
About Us
Navy Federal provides much more than a job. We provide a meaningful career experience, including a culture that is energized, engaged and committed; and fierce appreciation for our teams, who are rewarded with highly competitive pay and generous benefits and perks.
• Best Companies for Latinos to Work for 2024
• Computerworld Best Places to Work in IT
• Forbes 2024 America's Best Large Employers
• Forbes 2023 The Best Employers for New Grads
• Fortune Best Workplaces for Millennials™ 2023
• Fortune Best Workplaces for Women ™ 2023
• Fortune 100 Best Companies to Work For 2024
• Military Times 2023 Best for Vets Employers
• Newsweek Most Loved Workplaces
• Ripplematch Campus Forward Award - Excellence in Early Career Hiring
• Yello and WayUp Top 100 Internship Programs
From Fortune. ©2024 Fortune Media IP Limited. All rights reserved. Used under license. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of, Navy Federal Credit Union.
Equal Employment Opportunity: Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability
Hybrid Workplace: Navy Federal Credit Union is a hybrid workplace, and details will be discussed during your interview process.
Disclaimers: Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position. Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring team's discretion based on qualified applicant volume. Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position.
Bank Secrecy Act: Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.
Information Security Specialist
Information Security Analyst Job 24 miles from Gaithersburg
Type of Requisition:
Regular
Clearance Level Must Currently Possess:
Top Secret/SCI
Clearance Level Must Be Able to Obtain:
Top Secret SCI + Polygraph
Public Trust/Other Required:
None
Job Family:
Cyber Engineering
Job Qualifications:
Skills:
Cybersecurity, Information Assurance, Information Security
Certifications:
None
Experience:
8 + years of related experience
US Citizenship Required:
Yes
Job Description:
Own your career as an Information Security Specialist at GDIT. Here, you'll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients' missions and ensuring we anticipate the threats of tomorrow.
At GDIT, people are our differentiator. As an Information Security Specialist you will help ensure today is safe and tomorrow is smarter. Our work depends on an Information Security Specialist joining our team to support our Department of Defense (DoD) customer in multiple regions of the Continental United States (CONUS).
HOW AN INFORMATION SECURITY SPECIALIST WILL MAKE AN IMPACT
The successful candidate will participate in software and systems engineering and software systems research to develop new capabilities, ensuring cybersecurity is fully integrated, and will conduct comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems. The candidate will design, develop, test, and evaluate information system security throughout the systems development life cycle. You will test, implement, deploy, maintain, and administer the infrastructure hardware and software, conduct risk assessments, and provide recommendations for application design and accreditation, including ATO and eMASS. You will be responsible for the full range of security issues including architectures, firewalls, electronic data traffic, and network access, using encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research. You will participate in the design and development of new systems, applications, and solutions for external customer enterprise-wide cyber systems and networks.
Additionally, you will ensure the logical and systematic conversion of customer or product requirements into total systems solutions that acknowledge technical, schedule, and cost constraints, integrate new architectural features into existing systems and infrastructures, and design cybersecurity architectural artifacts. You will provide architectural analysis and relate existing systems to future needs and trends, embed advanced forensic tools and techniques for attack reconstruction, provide engineering recommendations, and resolve integration/testing issues.
Adhere to DAAPM 2.2, JSIG Rev 4, ICD-503, and other applicable documentation for our systems and architectures.
Develop and sustain the Security Authorization or Assessment and Accreditation (A&A) for pertinent systems.
Maintain coordination with customers and stakeholders to ensure realistic schedule milestones are achieved.
Deliver all required documentation as directed and needed.
Ensure all Security Authorization documentation is updated as required and in concert with established or developed RMF documentation.
Develop schedules and requirements to achieve Authority to Operate (ATO) and lead the team to the successful achievement of IATO and ATO.
Collect and document relevant governing authority Security Controls.
Develop Security/RMF Packages and perform any modifications throughout the lifecycle of the information system.
Collaborate with key stakeholders to identify additional controls that are applicable to ensure positive security postures.
Provide oversight and advisory activities as needed.
Develop and deliver all Plans of Actions & Milestones (POA&Ms) for each system as needed.
Participate in project discussions and support stakeholder communications by working and communicating directly with the customer.
Identify, track, and report security requirements throughout security process of all information systems which are assigned.
Provide timely and detailed responses to all requested information requests.
Learn and sustain knowledge and understanding of all system configurations, architecture, and installed software.
WHAT YOU'LL NEED TO SUCCEED:
Certifications required: Security+
Certifications Preferred: CISSP, CCSP, CEH, ITILv4, AWS Cloud Practitioner, AWS Certified SysOps Administrator, Linux Essentials, MCTS, CCAP, CSCP, CSIS, CIOS, Cloud+, Network+, A+, Project+, HBSS, AES, SPLUNK, ACAS, and eMASS Certified
Education: Bachelors or Higher
Required Years of related Experience: 8+
US Citizenship Required
GDIT IS YOUR PLACE:
● 401K with company match
● Comprehensive health and wellness packages
● Internal mobility team dedicated to helping you own your career
● Professional growth opportunities including paid education and certifications
● Cutting-edge technology you can learn from
● Rest and recharge with paid vacation and holidays
The likely salary range for this position is $116,979 - $138,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Scheduled Weekly Hours:
40
Travel Required:
None
Telecommuting Options:
Onsite
Work Location:
USA VA Springfield
Additional Work Locations:
Total Rewards at GDIT:
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.
We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation's most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
Sr. Cyber Security Engineer
Information Security Analyst Job 16 miles from Gaithersburg
Piper Companies is seeking a Sr. Cybersecurity Engineer to join a large homebuilder and mortgage financing organization based in Reston, VA. The Sr. Cybersecurity Engineer will analyze, design, configure, and monitor our network and cloud environment.
Responsibilities of the Sr. Cybersecurity Engineer include:
Develop, implement, and manage security measures and controls to safeguard systems, infrastructure, data, and security platforms.
Contribute significantly to our Data Security Program by engineering the deployment, configuration, and management of data security protection technologies and data classification.
Act as a security advisor for various ad-hoc security projects driven by business and IT developments.
Collaborate on security engineering efforts involving platforms like Security Information and Event Management, Endpoint Detection and Response, and Vulnerability Management.
Aid in developing and enforcing security policies, standards, and procedures to uphold the confidentiality, integrity, and availability of information assets.
Evaluate and implement new security technologies, tools, and methodologies.
Qualifications for the Sr. Cybersecurity Engineer:
5+ years of security engineering experience in a diverse and fast-paced large enterprise environment.
Proficiency in deploying, configuring, and managing various security solutions and platforms like DLP, CASB, SIEM, EDR, Firewalls, IDS/IPS, or MDM.
Experience collaborating with software development teams to support Dev/Sec/Ops efforts, including code scanning, secrets scanning, or code reviews.
Microsoft cloud security technologies such as Microsoft Purview, Microsoft 365 Defender, Microsoft Defender for Endpoint and Cloud, and Microsoft Sentinel.
Familiarity with common cybersecurity platforms and solutions like SIEM, EDR, and Vulnerability Management.
Compensation for the Sr. Cybersecurity Engineer:
Salary Range: $140,000 - $150,000
Full benefits: Healthcare, Dental, Vision, 401k, Flexible work schedule
Keywords: Cybersecurity Engineer, Security Engineering, Data Security, DLP, CASB, SIEM, EDR, Firewalls, IDS/IPS, MDM, DevSecOps, Code Scanning, Cybersecurity Principles, Microsoft Cloud Security, Microsoft 365 Defender, Web Application Firewall, WAF, Networking Technologies, Vulnerability Management, SAST, DAST, SCA, Python, PowerShell, Microsoft Azure, SC-100, SC-200, SC-300, Security+, CySA+, SSCP, DevSecOps Pipeline
Intrusion Detection Analyst
Information Security Analyst Job 19 miles from Gaithersburg
Tyto Athene is searching for an Intrusion Detection Analyst to support our customer in Washington, DC.
Responsibilities:
Accurately review, annotate, and resolve security incidents tasked by the Intrusion Detection Team, Watch Officer, SOC management or other SOC teams 24 hours a day, 7 days a week, which is subject to change based on AOUSC needs.
Conduct Incident Triage to prioritize newly identified security incidents for follow-on action. Identify all relevant data sources for initial collection to determine prioritization and resource application based on the criticality of the incident. Conduct immediate actions to evaluate and contain threats as necessary in accordance with the Judiciary Security Operations Center Incident Response Plan (JSOCIRP), Incident Response Operations Guide, and any other published SOC operations guides and manuals. Please see SLA SOC3.
Perform deep dive analysis (manual and automated) of malicious links and files.
Ensure efficient configuration and content tuning of shared SOC security tools to eliminate or significantly reduce false alert events.
Provide Executive Summary in accordance with IDT Operations Guide.
Provide 5W briefing slides for each event for leadership briefing.
Provide on demand time/trend/event based metric reports for SOC management.
Provide clear and actionable event notifications to customers. Notifications to customers will be clear and provide sufficient detail for a mid-level system or network administrator to understand what has occurred and what needs to take place to remediate the event.
Coordinate and provide direct support to local incident responders at the circuit, local court unit and program office levels. Provide notifications, guidance and end to end incident response support to local incident responders to ensure the appropriate actions are properly taken to detect, contain, eradicate and recover from identified security incidents. Coordinate with various other SOC teams to leverage the appropriate resources to enable local incident responders. Participate in course of action (COA) development and execution as necessary.
Document all communications and actions taken in response to assigned incidents in the SOC ticketing system. Ensure tickets are properly updated in a timely manner and all artifacts are included. Escalate any concerns or requests through the Contractor management as necessary.
Directly support the Judiciary Special Tactics and Active Response (JSTAR) team and provide incident response support for critical security incidents as they arise.
Perform appropriate event escalation for events, notifications, and non-responsiveness from customers. Contractors shall track all notifications in the SOC ticketing system and escalate tickets to Watch Officers or SOC management in cases where the customer is non-responsive or requires clarification that is outside the scope of the normal operations. Contractors will be familiar with the JSOCIRP escalation and reporting procedures.
Continuously review and update the Incident Handlers (IH) Guide and provide recommendations to annual updates for the JSOCIRP. All SOPs and Op Guides are federal government property. Contract staff provide recommendations in draft form for federal management review, approval and adoption.
Incident Responders must be able to perform the tasks and meet the skills, knowledge and abilities as described in NIST Special Publication 800-181 National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework for the role of Cyber Defense Incident Responder.
Required:
6 years of security intrusion detection examination experience involving a range of security technologies that produce logging data, to include wide area networks host and Network IPS/IDS/HIPs traffic event review, server web log analysis, raw data logs.
Ability to communicate clearly both orally and in writing.
Working experience with Splunk SIEM.
At least three years of experience working at a senior level, performing analytics examination of logs and console events and creating advanced query methods in Splunk or advanced grep skills, firewall ACL review, examining Snort based IDS events, Pcaps, web server log review, in SIEM environments.
Education/Certifications:
Bachelor's degree in Information Systems, Computer Science or related field is preferred.
Splunk Fundamentals I & II certification.
Clearance Requirement:
Public Trust
Location: This role is on-site in Washington, DC
Hours of Operation/Shift:
Sat-Sun (7:00am - 7:30pm) & Tues-Wed (3PM-11:30PM)
Information System Security Officer
Information Security Analyst Job 18 miles from Gaithersburg
Requirements:
8+ years of federal information systems security experience to include support for both financial and information security external audits.
BS in related field.
Minimum of two (2) years of FISMA experience
One or more of the following certifications: CISM, CISSO, FITSP-M, GCIA, GCSA, GCIH, GSLC, GICSP, CISSP-ISSMP or CISSP
Duties & Responsibilities:
Designing and implementing solutions for protecting the confidentiality, integrity, and availability of sensitive information.
Provides technical evaluations of customer systems and assists with making security improvements.
Participates in design of information system contingency plans that maintain appropriate levels of protection and meet time requirements for minimizing operations impact to customer organization.
Conducts security product evaluations, and recommends products, technologies, and upgrades to improve the customer's security posture.
Technical Skills:
Demonstrated experience with RMF and applying the NIST Cybersecurity Framework.
In-depth knowledge of federal information system security policy, industry best practices, security control assessments, Plan of Action and Milestones (POA&M) management, system authorizations, configuration management, and system analysis
Experience designing and implementing solutions for protecting the confidentiality, integrity, and availability of sensitive information.
Expert providing technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, and security implementation.
Experience using CSAM.
Solid understanding and application of NIST Special Publications including SP 800-53, SP 800-137, SP 800-171, and SP 800-37.
Solid understanding of FISMA and IT audit requirements.
Ability to work cooperatively and at a technical level with developers, engineers, and managers on system teams.
Knowledge of current and past cybersecurity threats and vulnerabilities.
Information System Security Officer ("ISSO")
Information Security Analyst Job 24 miles from Gaithersburg
Zachary Piper Solutions is currently seeking an ISSO who will support a government contract located in Suitland, MD.
Responsibilities for the ISSO:
Proposing, coordinating, implementing, and enforcing information system security policies, standards and methodologies based on the JSIG to support MAG locally with oversight via the government customer.
Performing vulnerability assessments using the Assured Compliance Assessment Solution (ACAS), Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG), and the Security Content Automation Protocol (SCAP) Compliance Checker, incorporating automated Benchmarks.
Implementing operating systems and network devices security configuration in accordance with Defense Information Systems Agency (DISA) approved Security Technical Implementation Guides.
Performing security control continuous monitoring, security audits, risk analysis and developing mitigation strategies for DoD information systems.
Identifying Common Criteria and National Information Assurance Partnership (NIAP) certified technologies and the DISA Approved Products List (APL).
Preparing certification letters and Memoranda of Agreement (MoA) and Memoranda of Understanding (MoU) with system owners for interface and networking implementations.
Qualifications for the ISSO:
· 5 to 10 years of experience
· Security Plus Certification or similar certifications
· Top Secret Clearance
Compensation for the ISSO:
$100,000 - $160,000 *Depending on Experience and Certifications
Cigna Medical, dental, vision, 11 Holiday, 401k, 2-week PTO
Keywords: ISSO, POA&M, STIGS,