Post Job

Security Architect Entry Level jobs

- 13 Jobs
  • Cyber Security Architect II

    Athena Technology Group, Inc. 3.1company rating

    Norfolk, VA

    Support the Naval Sea Systems Command Code 03S (NAVSEA 03S) Digital Industrial Operations (DIO) efforts concerning information technology services in support of the Navy Maritime Maintenance Enterprise Solution (NMMES) Program. Primary Duties and Responsibilities: + Relies on extensive experience and judgment to plan and accomplish goals and independently performs a wide variety of complicated tasks. + May provide consultation on complex projects and is considered to be the top level contributor/specialist. Performs a variety of routine project tasks applied to specialized technology problems. + Tasks involve integration of electronic processes or methodologies to resolve total system problems, or technology problems as they relate to Information Assurance requirements. + Conducts security assessments and security consulting services. + Analyzes information security requirements. + Knowledgeable about DoD and DoN Information Assurance rules and regulations. + Under general supervision, designs, develops, engineers and implements solutions to MLS requirements. Gathers and organizes technical information about an organization's mission goals and needs, existing security products and ongoing programs in the MLS arena. + Performs risk analyses, which also includes risk assessment. + Provides technical support for secure software development and integration tasks, including reviewing work products for correctness and adhering to the design concept and to user standards. + Knowledgeable of Security/IA products such as PKI, VPN, firewalls, and intrusion detection systems. + Analyzes and recommends resolution of security/IA problems on the basis of knowledge of the major IA products and services, an understanding of their limitations, and knowledge of the IA disciplines. Qualifications: + Familiar with a variety of the field's concepts, practices, and procedures Desired: Education: Minimum of 0-5 years of applicable experience? Years Experience: Experience with IT and Cybersecurity ? Physical and Environmental Conditions: + Normal Office Environment. Requires Sitting, Standing, Near Acuity, Speaking with colleagues and customers, Listening, Sight, Use of hands/fingers. This position description is not intended as, nor should it be construed as, exhaustive of all responsibilities, skills, efforts, or working conditions associated with this job. This and all positions are eligible for organization-wide transfer. Management reserves the right to assign or reassign duties and responsibilities at any time. Company Overview: Athena Technology Group, Inc. (ATG) is a Service-Disabled Veteran Owned Small Business (SDVOSB) focused on Information Technology and Communications consulting, system engineering, integration, deployment and operation of state of the art command and control and information systems that deliver critical network centric solution to the warfighter. With a proven track record of technical support to our customers, we are looking for innovative industry professionals to join our team. ATG offers a generous compensation package including health, dental, vision, 401(k), group life insurance, educational reimbursement, among other benefits. We value our employees and strive to offer many opportunities for professional growth. ATG is an Equal Opportunity/Affirmative Action Employer Minorities/Females/Vets/Disability
    $109k-154k yearly est. 60d+ ago
  • AWS Architect

    360 It Professionals 3.6company rating

    Herndon, VA

    360 IT Professionals is a Software Development Company based in Fremont, California that offers complete technology services in Mobile development, Web development, Cloud computing and IT staffing. Merging Information Technology skills in all its services and operations, the company caters to its globally positioned clients by providing dynamic feasible IT solutions. 360 IT Professionals work along with its clients to deliver high-performance results, based exclusively on the one of a kind requirement. Our services are vast and we produce software and web products. We specialize in Mobile development, i.e. iPhone and Android apps. We use Objective C and Swift programming languages to create native applications for iPhone, whereas we use Android Code to develop native applications for Android devices. To create applications that work on cross-platforms, we use a number of frameworks such as Titanium, PhoneGap and JQuery mobile. Furthermore, we build web products and offer services such as web designing, layouts, responsive designing, graphic designing, web application development using frameworks based on model view controller architecture and content management system. Our services also extend to the domain of Cloud Computing, where we provide Salesforce CRM to effectively manage one's business and ease out all the operations by giving an easy platform. Apart from this, we also provide IT Staffing services that can help your organization to a great extent as you can hire highly skilled personnel's through us. We make sure that we deliver performance driven products that are optimally developed as per your organization's needs. Take a shot at us for your IT requirements and experience a radical change. Job Description Role : AWS Architect Location : Herndon, VA Type : Contract Length : 6+ months Job Summary: · Designing and deploying scalable, highly available, and fault tolerant systems on AWS · Lift and shift of an existing on-premises application to AWS · Ingress and egress of data to and from AWS · Selecting the appropriate AWS service based on data, compute, database, or security requirements · Identifying appropriate use of AWS architectural best practices · Estimating AWS costs and identifying cost control mechanisms Additional Information Thanks and Regards, Happy Singh 847 258 9595 Ext:- 408 happy.singh(@)itconnectus.com
    $120k-156k yearly est. 60d+ ago
  • Manager, Information Security Office Consultant

    Working at Capital One

    McLean, VA

    Center 3 (19075), United States of America, McLean, VirginiaManager, Information Security Office Consultant At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security and Risk Management. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with technologies like Cloud services, Containers, Docker, Microservices, Serverless, APIs, DevOp and micro-segmentation. Security is essential to what we do here, from protecting our customers to our associates. Responsibilities: Act as a central point of contact for your line of business to the rest of Capital One's Information Security and Risk Management Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Escalate and manage cyber security risk Provide ad hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business About You: You have a desire to work in a very fast moving, forward leaning, and modern computing environment You have a deep passion for Securing modern computing platforms You have a strong desire to continually learn about new technologies You possess strong conceptual thinking and communication skills You are able to work well under minimal supervision You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives Basic Qualifications: High School Diploma, GED, or equivalent certification At least 4 years of experience providing guidance and oversight of Security concepts At least 3 years of experience performing security risk assessments and security architecture reviews At least 3 years of experience with Architecture design, software design, networking or Cloud infrastructure Preferred Qualifications: Bachelor's Degree 6+ years of experience with Architecture design, software design, networking or Cloud infrastructure 4+ years of experience in securing a public cloud environment (AWS, GCP, or Azure) 2+ years of experience utilizing Agile methodologies 2+ years of experience in Enterprise Monitoring 2+ years of experience with technologies supporting finance, fintech, banking, payment cards, or a related domain 2+ years of experience with web and mobile application security, and solid understanding of the OWASP Top Ten 2+ years of experience with security testing, such as penetration testing, red teaming, vulnerability scanning, SAST and DAST 2+ years of scripting or programming experience (Python, SQL, PHP, PowerShell) Professional certifications such as AWS Certified Solutions Architect or Certified Information Systems Security Professional (CISSP) At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, or another type of work authorization). The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. New York City (Hybrid On-Site): $201,400 - $229,900 for Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at RecruitingAccommodation@capitalone.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to ********************** Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).
    $201.4k-229.9k yearly 60d+ ago
  • Information Systems Security Manager

    Booz Allen Hamilton 4.9company rating

    Chantilly, VA

    Key Role: Serve as an Information Systems Security Manager (ISSM) responsible for the Risk Management Framework (RMF) authorization of assigned Information Systems (IS). Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security plan. Conduct periodic assessments of authorized systems and ensure corrective actions for all identified findings and vulnerabilities are addressed in a timely manner. Assume responsibility for all RMF continuous monitoring activities for authorized systems, including periodic analysis of collected audit records and system vulnerability management cycle. Monitor system incident recovery processes to ensure security features and procedures are properly restored and functioning correctly. Ensure user activity monitoring data is analyzed, stored, and protected in accordance with our program policies and procedures and execute a strong continuous monitoring strategy. Serve as a career manager for Information Systems Security Officers (ISSOs). Basic Qualifications: Experience with NIST 800-53, ICD 503, and RMF practices, Security Technical Implementation Guides (STIGs), computer networking, and an operating system Experience with system administration functions in a networked environment Knowledge of the National Industrial Security Program Operating Manual (NISPOM), Joint Special Access Program Implementation Guide (JSIG), Intelligence Community Directives (ICD) 503 and 703, the RMF process, and associated NIST publications Knowledge of government classified contracts and DD 254 requirements from an information security perspective TS/SCI clearance HS diploma or GED IAM Level III Certification Additional Qualifications: Experience as an ISSO, ISSM, Information Systems Security Engineer (ISSE), or Security Controls Assessor Ability to operate independently without supervision Ability to work in a team environment and effectively manage ISSOs Ability to identify, contain, investigate, and report data spills to the government through preliminary written reports Ability to coordinate the containment and device sanitization with staff at the affected locations Ability to provide an assessment and mitigation strategy addressing the data spill in the approved response plan Possession of excellent organizational skills Possession of excellent verbal and written communication skills Bachelor's degree CCNA, Red Hat, or Windows Certification Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required. Compensation At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page. Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $75,600.00 to $172,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date. Identity Statement As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud. Work Model Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely. If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility. If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role. EEO Commitment We're an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change - no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.
    $75.6k-172k yearly 12d ago
  • Junior Personnel Security Specialist

    Intrepid 4.3company rating

    Quantico, VA

    Intrepid sets the standard for delivering excellence in the federal marketplace and is known for treating employees like family. We provide our employees with a challenging and supportive work environment, paired with a competitive salary and an industry-leading 401k contribution. We are looking for a Junior Personnel Security Specialist to join our team in supporting the Federal Bureau of Investigation (FBI) in Quantico, VA. Your day-to-day work will include: * Reviewing SF85, SF85P, and SF86 security questionnaires. * Initiating new employee onboarding in PSIP: e-QIP investigation/review/submissions. * Managing personnel eligibility status in DISS. * In/Out Processing using DISS/JPAS (Owning/Servicing). * Systems Access complete AMPS/SAAR Requests. * Processing DD Form 2875 and RSN Form 101. * Administering SF 312s for security clearance access. * Foreign Travel (APACS Requests). * Foreign Travel Tracking. * Providing foreign travel and Antiterrorism briefs. * Compiling pre-travel requirements: training, ISOPREP. * Assisting new and existing applicants with filling out their e-QIP. * Receiving and action correspondence from the DOD-CAF for derogatory cases requiring action by the employee/applicant. * Inputting derogatory information into DISS. * Receiving and action correspondence that allows un-cleared contractors to obtain a CAC based on. * Interim Adjudication (coordinate with TASS). * Tracking status of investigative/adjudicative process to ensure the Trusted Agent is notified of those individuals not entitled to keep their issued CAC. * Receiving and action correspondence from the CAF regarding derogatory information disclosed during the HSPD-12 investigation and correspond with the contractor for resolution. * Tracking credentialing processes and ensure Trusted Agents are executing credentialing functions properly by having them check in TASS to ensure contract eligibility for CAC. * Conducting fingerprints for civilians Suitability, Fitness, Credentialing for organization. Fingerprinting (electronic and ink processes). * Data input and hard-copy mail or electronic transfer of fingerprints to appropriate agencies. * Submission of investigation requests via PSIP, in support of HSPD-12 for civilian hires, contractors, etc. * Conducting required security orientation, refresher training, and security briefings for assigned personnel. At a minimum you should have: * An active TOP SECRET security clearance. * A bachelor's degree in a non-STEM field and 1-3 years of experience in the security field OR a high school degree and 5+ years of experience in the security field. * Knowledge, experience, and proficiency using OPMs Personnel Security Investigations Portal (PSIP). * Experience, education, or training that demonstrates the ability to follow directions, to read, understand, and retain a variety of instructions, regulations, and procedures and a validated understanding of the basic principles and concepts. * All employees may be called upon to provide their knowledge and/or expertise to proposal efforts including contract re-competes. This job description is subject to change at any time. Work Type: On-Site (Quantico, VA) Estimated Hourly Rate: $50,000 - $60,000 The provided salary range serves as a broad reference. However, Intrepid takes various factors into account when establishing base salary offers, including the position's scope and responsibilities, as well as the candidate's experience, education, skills, and prevailing market conditions. Work/Life at Intrepid Wondering what it's like to work here? Let us give you a glimpse of our exceptional workplace culture. Our employees have consistently nominated us for the Best Places to Work award and we take pride in our family-like environment, remarkable benefits, and go-the-extra-mile attitude. The Hours We sincerely value work-life balance. Our flexible-hours policy allows you to balance extra time during significant projects with days that are lighter. Moreover, we offer generous accrual of paid personal leave that doesnt lose its value (no use it or lose it here!) as well as 11 paid holidays per year. The Benefits Our benefits are renowned, starting with our outstanding 401k program. No match required! We contribute 14% of your bi-weekly pay to your account regardless of your contribution. With our low-fee index funds from Fidelity, your retirement savings will grow substantially. Plus, your professional financial advisors are already covered! Our top-notch health insurance plan through Blue Cross Blue Shield includes low deductibles ($200/year) and is mostly covered by Intrepid, or you can choose a high-deductible plan with an eligible HSA, the choice is yours! We also provide complimentary life insurance, affordable dental, vision, disability, critical illness, and pet insurance. Additionally, you can set aside pre-tax dollars for medical and dependent care expenses through an FSA. We even offer a $1000 scholarship for newborn or adopted children, as well as those enrolled in higher education. The Perks Enjoy typical perks like corporate discounts as well as unique experiences as an Intrepid employee. You'll be a VIP at our annual events, including the Chili Cook-Off, Thanksgiving Lunch & Lawn Games, Ice-Cream Social, Intrepig BBQ, and the grand end-of-year Christmas bash with amazing prizes! Remote workers have special virtual engagement opportunities and exclusive events so no one is left out of the fun. Give Back Giving back is ingrained in our values. Through our employee-managed charitable fund, the Intrepid Ideal Community Fund (ICF), we contribute tens of thousands of dollars each year to organizations that help people in need. Join us in various volunteer opportunities and help us make a difference in our communities. Our vision is to one day create ideal communities where every citizen's needs are met. Join Us! There's something for everyone at Intrepid. If our benefits, perks, values, and mission resonate with you, we're thrilled to meet you! Start your journey as an Intrepid employee by applying today. We can't wait to hear from you! About Intrepid: Intrepid is a VEVRAA Federal Contractor and an Equal Opportunity Employer, committed to making employment decisions based on merit and value. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. #CJ
    $50k-60k yearly 34d ago
  • JUNIOR - MID Information Security Engineer

    Trustedqa, Inc.

    Newport News, VA

    Cybersecurity Newport News , VA Jan 11, 2024 Join **TrustedQA** **(TQA)** and be a part of the team of experienced Software Developers and Systems Engineers on the Global Command and Control System - Joint (GCCS-J) program in Newport News, VA, where our team is solving some of the world's most complex technical challenges. We have an opening for an **Information Security Engineer** to support the maintenance and achievement of the program's Authorization(s) to Operate (ATO) by conducting secure code reviews, identifying potential security concerns across a variety of technologies, applying programming and security knowledge to assist developers in mitigating these vulnerabilities as part of a secure coding process, and exploring methods of improving the overall security posture of the GGCS-J program. This federal program requires **US citizenship** and **an active DoD Secret** **Clearance** for consideration. Work will be conducted primarily in our secure lab. We offer excellent benefits, competitive compensation packages, career advancement opportunities, and a great work environment! Check out our reviews on Glassdoor.Recognized as one of , we offer excellent benefits, competitive compensation, and real career growth opportunities. At TQA, you have an opportunity to make an immediate impact on your team by providing innovative IT solutions and professional services support for missions of national significance covering Intelligence, Defense, and Federal Civilian customers. Our employees value the balance between quality work and their personal lives that TQA provides. We offer competitive compensation, benefits, and learning and career development opportunities. Our broad and competitive mix of benefits options are designed to support and protect employees and their families' physical, mental, and financial health. Check out our reviews on **Glassdoor** !
    25d ago
  • Information Systems Security Manager - Advanced

    Rividium

    Chantilly, VA

    RiVidium Inc, (dba TripleCyber), is seeking an individual to be responsible for the cybersecurity of a program, organization, system, or enclave. Responsibilites and abilities for this position shall include, but not limited to: Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk. Acquire necessary resources, including financial resources, to conduct an effective enterprise continuity of operations program. Advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture. Advise senior management (e.g., CIO) on cost/benefit analysis of information security programs, policies, processes, systems, and elements. Advise appropriate senior leadership or Authorizing Official of changes affecting the organization's cybersecurity posture. Collect and maintain data needed to meet system cybersecurity reporting. Communicate the value of information technology (IT) security throughout all levels of the organization stakeholders. Collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance. Ensure that security improvement actions are evaluated, validated, and implemented as required. Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment. Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s). Ensure that protection and detection capabilities are acquired or developed using the IS security engineering approach and are consistent with organization-level cybersecurity architecture. Establish overall enterprise information security architecture (EISA) with the organization's overall security strategy. Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed. Evaluate cost/benefit, economic, and risk analysis in decision-making process. Identify alternative information security strategies to address organizational security objectives. Identify information technology (IT) security program implications of new technologies or technology upgrades. Interface with external organizations (e.g., public affairs, law enforcement, Command or Component Inspector General) to ensure appropriate and accurate dissemination of incident and other Computer Network Defense information. Interpret and/or approve security requirements relative to the capabilities of new information technologies. Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program. Lead and align information technology (IT) security priorities with the security strategy. Lead and oversee information security budget, staffing, and contracting. Manage the monitoring of information security data sources to maintain organizational situational awareness. Manage the publishing of Computer Network Defense guidance (e.g., TCNOs, Concept of Operations, Net Analyst Reports, NTSM, MTOs) for the enterprise constituency. Manage threat or target analysis of cyber defense information and production of threat information within the enterprise. Monitor and evaluate the effectiveness of the enterprise's cybersecurity safeguards to ensure that they provide the intended level of protection. Oversee the information security training and awareness program. Participate in an information security risk assessment during the Security Assessment and Authorization process. Participate in the development or modification of the computer environment cybersecurity program plans and requirements. Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations. Provide enterprise cybersecurity and supply chain risk management guidance for development of the Continuity of Operations Plans. Provide leadership and direction to information technology (IT) personnel by ensuring that cybersecurity awareness, basics, literacy, and training are provided to operations personnel commensurate with their responsibilities. Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies. Ability to integrate information security requirements into the acquisition process; using applicable baseline security controls as one of the sources for security requirements; ensuring a robust software quality control process; and establishing multiple sources (e.g., delivery routes, for critical system elements). Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations. Requirements for this position shall include: Bachelor's degree or higher from an accredited college or university (Prefer an accredited Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, or Computer Engineering degree, or a degree in a Mathematics or Engineering field.) CISSP-ISSMP or GSLC - IAT, IAM, or IASAE Level 3 Certification
    $89k-122k yearly est. 3d ago
  • Information Systems Security Analyst

    GCI Inc. 4.7company rating

    Virginia

    GCI, embodies excellence, integrity and professionalism. The employees supporting our customers deliver unique, high-value mission solutions while effectively leverage the technological expertise of our valued workforce to meet critical mission requirements in the areas of Data Analytics and Software Development, Engineering, Targeting and Analysis, Operations, Training, and Cyber Operations. We maximize opportunities for success by building and maintaining trusted and reliable partnerships with our customers and industry. At GCI, we solve the hard problems. As an Information System Security Analyst, a typical day will include the following duties: Under the supervision of leadership or senior IA personnel, perform the following functions: Automated scan and test functions to support continuous monitoring, vulnerability analysis, and active technical security control validation. Audit log analysis, report generation and brief findings to IA Divisional Leadership and GCI Management. In coordination with IA Division leadership, aid in the development of information system security policies, CONOPS, guides, etc. Coordinate security investigations of suspected computer security violations, incidents, and compromises in accordance with IA Division Leadership directions and GCI's incident response program. Support and coordinate Information Assurance (IA) processes, procedures, and compliance for all assigned Information Systems (IS). Conduct security audits and ensure that audit trails are reviewed and audit records archived in accordance with GCI security requirements and Federal regulation and frameworks as applicable. Ensures IS are operated, used, maintained and disposed of appropriately in accordance with GCI and/or Customer security procedures, directives, guidelines, regulations, and policies. Support and maintain the system security documentation such as Security Plans, Security Operating Procedures, CONOPS, required policies and documentation to support system compliance for assigned security frameworks (ie NIST RMF/CSF, NISPOM, ICD Publications, CUI, CMMC, etc.), in coordination with the other IA Division staff, the Information System Security Manager (ISSM), as applicable, and IA Division Leadership. Conduct periodic reviews, self-inspections, and/or assessments to ensure IS(s) meet GCI and Customer security requirements. Additionally, and when required, provide support during A&A activities. Conduct user training and awareness activities under the direction of the GCI IA Division Leadership. Participate in self-assessment of system safeguards and program elements and in assessment and authorization of the system. Contribute to Configuration Management (CM) documentation for IS software and hardware as needed to maintain in accordance with GCI Policy and applicable Federal guidelines and regulations Possess a working entry-level knowledge and familiarity with industry "best practices" for Information Assurance as well as applicable information security documents. Candidate must be a self-starter that is mission focused and able to work in a dynamic work environment with a diverse set of personalities. Must be able to take specific directions and progress forward to task completion, with limited engagement from senior leaders once provided with that direction. Strong documentation, analysis, and oral/written communications skills.
    $72k-101k yearly est. 25d ago
  • Information Systems Security Manager

    McIntire Solutions

    McLean, VA

    Title: Information System Security Manager (ISSM) Clearance: TS/SCI with CI Poly (REQUIRED) McIntire Solutions is seeking a Information System Security Manager (ISSM) to support our McLean Customer. Responsibilities include, but are not limited to: + Support customer RMF workflow and processes by proposing, coordinating, implementing and enforcing information system security policies, instructions, standards, and methodologies + Review and approve customer requests related to accesses, devices, and other authorizations + Maintain current system information in XACTA to support organizational requirements and processes Evaluate the impact of network and system changes using RMF processes and approve the changes + Manage multiple projects throughout Authorization and Accreditation (A&A) process from concept to Authority to Operate (ATO) + Coordinate with system stakeholders on mitigating system vulnerabilities outlined in POA&Ms + Submit recommendations to stakeholders for system configuration deviations from the required baseline + Conduct periodic reviews to ensure compliance with SSP + Ensure configuration management for security-relevant IS software, hardware and firmware is maintained and documented + Ensure system recovery processes are monitored to ensure security features and procedures are properly restored + Ensure all IS security-related documentation is current and accessible to properly authorized individuals + Formally notify the appropriate individuals when changes occur that might affect authorization + Participate in governance and project reviews identified by the customer + Require strong documentation skills to create and update policies, process documentation and procedures + Experience with XACTA 360, Continuum and other SCAP Compliant tools + Demonstrated experience with RMF, ICD 503, CNSSI 1253, NIST SP 800-53/53A, and STIGs Required Qualifications: + Bachelor's Degree (in an IT-related field) Powered by JazzHR
    $89k-122k yearly est. 60d+ ago
  • Information System Security Manager (ISSM) II

    Modern Technology Solutions, Inc. 4.6company rating

    Arlington, VA

    Overview Own Your Future. Modern Technology Solutions, Inc. (MTSI) is seeking a Information System Security Manager (ISSM) to join our team. Note, this position requires an Active Top-Secret Clearance with SCI eligibility and prior experience in special access programs (SAP). Why is MTSI known as a Great Place to Work? Interesting Work: Our co-workers support some of the most important and critical programs to our national defense and security. Values: Our first core value is that employees come first. We challenge our co-workers to provide the highest level of support and service, and reward them with some of the best benefits in the industry. 100% Employee Ownership: we have a stake in each other's success, and the success of our customers. It's also nice to know what's going on across the company; we have company wide town-hall meetings three times a year. Great Benefits - Most Full-Time Staff Are Eligible for: Starting PTO accrual of 20 days PTO/year + 10 holidays/year Flexible schedules 6% 401k match with immediate vesting Semi-annual bonus eligibility (July and December) Company funded Employee Stock Ownership Plan (ESOP) - a separate qualified retirement account Up to $10,000 in annual tuition reimbursement Other company funded benefits, like life and disability insurance Optional zero deductible Blue Cross/Blue Shield health insurance plan Track Record of Success: We have grown every year since our founding in 1993 Modern Technology Solutions, Inc. (MTSI) is a 100% employee-owned engineering services and solutions company that provides high-demand technical expertise in Digital Transformation, Modeling and Simulation, Rapid Capability Development, Test and Evaluation, Artificial Intelligence, Autonomy, Cybersecurity and Mission Assurance. MTSI delivers capabilities to solve problems of global importance. Founded in 1993, MTSI today has employees at over 20 offices and field sites worldwide. For more information about MTSI, please visit www. mtsi-va. com. Responsibilities The ISSM's primary function serves as a principal advisor on all matters, technical and otherwise, involving the security of information systems under their purview. Primary support will be working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense, and Military Compartment efforts. The position will provide "day-to-day" support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities Your essential job functions will include but may not be limited to: Perform oversight of the development, implementation and evaluation of information system security program policy; special emphasis placed upon integration of existing SAP network infrastructures Develop and oversee operational information systems security implementation policy and guidelines of network security, based upon the Risk Management Framework (RMF) with emphasize on Joint Special Access Program Implementation Guide (JSIG) authorization process Advise customer on Risk Management Framework (RMF) assessment and authorization issues Perform risk assessments and make recommendations to DoD agency customers Advise government program managers on security testing methodologies and processes Evaluate authorization documentation and provide written recommendations for authorization to government PMs Develop and maintain a formal Information Systems Security Program Ensure that all IAOs, network administrators, and other cyber security personnel receive the necessary technical and security training to carry out their duties Develop, review, endorse, and recommend action by the AO or DAO of system assessment documentation Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media Develop and execute security assessment plans that include verification that the features and assurances required for each protection level functioning Maintain a and/or applicable repository for all system authorization documentation and modifications Institute and implement a Configuration Control Board (CCB) charter Develop policies and procedures for responding to security incidents, to include investigating and reporting security violations and incidents Ensure proper protection or corrective measures have been taken when an incident or vulnerability has been discovered within a system Ensure that data ownership and responsibilities are established for each authorization boundary, to include accountability, access rights, and special handling requirements Ensure development and implementation of an information security education, training, and awareness program, to include attending, monitoring, and presenting local cyber security training. Evaluate threats and vulnerabilities to ascertain whether additional safeguards are needed Assess changes in the system, its environment, and operational needs that could affect the authorization Ensure that authorization is accomplished a valid Authorization determination has been given for all authorization boundaries under your purview Review AIS assessment plans Coordinate with PSO or cognizant security official on approval of external information systems (e. g. , guest systems, interconnected system with another organization) Conduct periodic assessments of the security posture of the authorization boundaries Ensure configuration management (CM) for security-relevant changes to software, hardware, and firmware and that they are properly documented Ensure periodic testing is conducted to evaluate the security posture of IS by employing various intrusion/attack detection and monitoring tools (shared responsibility with ISSOs) Ensure that system recovery and reconstitution processes developed and monitored to ensure that the authorization boundary can be recovered based on its availability level determination Ensure all authorization documentation is current and accessible to properly authorized individuals Ensure that system security requirements are addressed during all phases of the system life cycle Develop Assured File Transfers (AFT) on accordance with the JSIG Participate in self-inspections Conduct the duties of the Information System Security Officer (ISSO) if one is not present and/or available Qualifications Required Experience: Minimum 7 years related experience; 9+ years experience desired Must having working knowledge of DoD, National and applicable service and agency security policy, manuals and standards Prior performance in roles such as ISSO or ISSM Education Requirements: Bachelor's degree in a related discipline or equivalent experience (4 years) Certifications: Must meet position and certification requirements outlined in DoD Directive 8570. 01-M for Information Assurance Manager Level III or Information Assurance Architect and Engineer Level I within 6 months of the date of hire Clearance Requirements: Current Top-Secret Clearance with SCI Eligibility Eligibility for access to Special Access Program Information Willingness to submit to a Counterintelligence polygraph #LI-LS1 #mtsi #lawrenciumsaskatchewantrout #LI-Onsite
    $82k-106k yearly est. 26d ago
  • Information Systems Security Officer III

    Epsilon, Inc. 4.2company rating

    Quantico, VA

    **Who is Epsilon:** Epsilon is an IT Services company that was founded in 2009 and has become an established leader in providing Information Technology services to both Federal Government and Commercial businesses across the United States. Epsilon is known for its solution-focused and innovative approach, aligning technology systems, tools, and processes with the missions and objectives of its customers. Epsilon's headquarters are in Weaverville, NC with other corporate offices in Greenville, SC, Crystal City, VA, and Denver, CO. We have employees in 30+ States across the U.S. **Why work for Epsilon:** In joining Epsilon's team, you will have the opportunity to contribute to Epsilon's business and customer initiatives, as well as influence our brand culture through people interaction and technology advancements. Epsilon invests in our employees by promoting from within and enabling employees to elevate their knowledge and skill set in their profession by allocating $3,000 annually in Professional Development funds. We also offer competitive pay, comprehensive benefits through one of the largest national carriers, Paid Time Off (PTO) that increases with tenure and has a generous rollover, 11 company paid Holidays, and 401(k) with immediate contribution. **Where you'll work:** You will be working onsite at the Marine Corp University's Quantico, VA location. **Our Customer's Mission** : The Marine Corps University (MCU) is a military education university of the United States Marine Corps. Hosted in a unified data center, MCU's Information Technology services are delivered through a wired .edu network and domain, as well as a wireless "Bring Your Own Device" network. Epsilon provides Information Technology services for the MCU including network and systems, data center, service desk, cybersecurity, and audio visual/video teleconferencing. **An average day:** As Information Systems Security Officer III, you will be responsible for ensuring that an appropriate operational security posture is maintained. In this position you will: + Responsible for the day-to-day implementation, oversight, and maintenance of the security configuration, practices, and procedures for each Information System under the ISSOs purview. + Address system security issues. + Ensure compliance with computer security requirements among our employees and students in government-controlled facilities. + ISSO duties and responsibilities fall into following main areas: + Security operations and management (including access control and other policy implementation), + Information Systems security planning/documentation, + Security monitoring and evaluation (including audit, assessment, and risk management) + Security incident reporting and response management + Perform all required information system security certification tasks during definition/concept; development; installation, checkout and verification; penetration testing; and operations and maintenance phases for new or legacy information systems in accordance with the NIST 800 Procedures. **Basic Qualifications:** + As a requirement of this position, all candidates must be a U.S. Citizen. In accordance with 8 U.S.C. 1324b(a)(2)(C) , Epsilon will not consider candidates for this position who do not meet the aforementioned conditions. + Must be certified with an IAT Level III Certification such as: CASP, CISSP, CCNP Security, CISA, GCED, GCIH, CCSP. + Hands-On experience working with the Crowdstrike tool suite is highly desired as the customer is planning to transition away from HBSS endpoint management/monitoring to Crowdstrike endpoint management/monitoring. + Experience in information system security, policy, DISA STIGs, POA&M, RMF (nice to have), HBSS or Crowdstrike and ACAS testing. + Developing information assurance policies and procedures for federal agencies + Conduct of information system audits for federal agencies + Professional writing of reports, policies, and presentations for federal agencies. + Must be familiar with standard certification and accreditation processes and in-depth experience with the NIST 800 series of documents would be advantageous. + Must be able to quickly master new technology / software for the purposes of evaluating or subverting the security functionality of the technology / software. + Security Assessment experience. + Bachelors Degree in related field of study is strongly desired. **Other:** + Must hold active DOD Interim Secret or Secret Clearance. **Physical Demands and Working Conditions:** Listed below are the physical or mental requirements necessary for the job's performance. Reasonable accommodation may be made to enable individuals with disabilities to perform essential job functions: + Prolonged periods of computer desk work. + Dexterity of hands and fingers to operate a computer keyboard and other computer components. + Speaking and hearing are sufficient to converse and understand conversations, both in-person, telephone, and virtual meetings. + The cognitive skills needed to complete tasks, including abilities such as learning, remembering, focusing, categorizing, and integrating information for decision-making, problem-solving, and comprehending. + Ability to learn new tasks, remember processes, maintain focus, complete tasks independently, make timely decisions in the context of a workflow, and the ability to communicate with managers and co-workers. + Mental aptitude to respond appropriately in high-pressure situations or deadline-driven environments. + Maintain a professional emotional response when working with others. **Connect directly with your dedicated recruiter, Jessica, on Epsilon's careers page.** ******************************* Epsilon is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applications will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. EEO/AA: Minorities/Females/Disabled/Vets. Please click here (*********************************************************************************************** to review your rights under EEO policy. If you are an individual with a disability and need special assistance or reasonable accommodation in applying for employment with Epsilon, Inc., please contact our Recruiting department by phone ************ or by email *********************** . \#LI-DNP
    $83k-115k yearly est. Easy Apply 9d ago
  • Junior Information System Security Officer (ISSO)

    Tyto Athene 4.2company rating

    Arlington, VA

    Tyto Athene is searching for an experienced Mid-Level ISSO to support our customer in Arlington, Virginia. Responsibilities: Lead Risk Management Framework Assessment & Authorization (A&A) activities for various information systems Lead the entire RMF cycle for all assigned systems to include: initiation, categorization, selection, implementation, assessment, authorization & continuous monitoring Implement & manage security controls in accordance with the current revision of NIST 800-53 Conduct ongoing security reviews & tests of assigned systems to verify that security features and controls are functional and effective Develop Plan of Action & Milestones (POA&Ms) in response to identified vulnerabilities, and lead remediation efforts Develop security documentations to include, but not limited to, System Security Plans (SSPs), Plan of Actions & Milestones (POA&Ms), and other artifacts to support the Body of Evidence (BOE) Coordinate security testing exercises to include but not limited to: incident response, disaster recovery & contingency activities Review proposed change requests related to system design/configuration and perform a security impact analysis (SIA) to provide approval or denial recommendations Support external & internal audits of designated systems Develop & present, both verbally and in writing, security briefings to all levels of the organization including senior executives (CIO, DCIO & CISO) Required: Bachelor's degree in Computer Science, Information Technology, or related field 3 years of relevant experience Experience with Authority to Operate (ATO) process, continuous monitoring, POA&Ms, Security Authorizations (SA), NIST 800-37, NIST 800-53 Rev4/ Rev5, NSM 8 and working with System Owners Familiarity with information system security principles of NIST 800-171 In-depth knowledge of NIST special publications, CNSS policies and instructions Ability to review, analyze, and interpret technical procedures against customer security requirements Strong communication skills, both written and verbal Desired: Understanding & experience with eMASS or Xacta is a PLUS FedRAMP process & Cloud environments (Azure, AWS) experience preferred Certified Information Security Manager (CISM) (optional but highly recommended) Clearance: Active Secret clearance required Certification: DoD 8570 IAM/IAT Level II certification. This will change to a DoD 8140 equivalent once a DISA 8140 policy is released. Location: This is an on-site role with expectations of being on the client site in Arlington, VA five days a week. Clearances Required Secret Additional Information After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise. Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your career -- it's time to join Team Tyto!
    $83k-110k yearly est. 1d ago
  • Information Systems Security Manager

    McIntire Solutions

    McLean, VA

    Title: Information System Security Manager (ISSM) Clearance: TS/SCI with CI Poly (REQUIRED) McIntire Solutions is seeking a Information System Security Manager (ISSM) to support our McLean Customer. Responsibilities include, but are not limited to: Support customer RMF workflow and processes by proposing, coordinating, implementing and enforcing information system security policies, instructions, standards, and methodologies Review and approve customer requests related to accesses, devices, and other authorizations Maintain current system information in XACTA to support organizational requirements and processes Evaluate the impact of network and system changes using RMF processes and approve the changes Manage multiple projects throughout Authorization and Accreditation (A&A) process from concept to Authority to Operate (ATO) Coordinate with system stakeholders on mitigating system vulnerabilities outlined in POA&Ms Submit recommendations to stakeholders for system configuration deviations from the required baseline Conduct periodic reviews to ensure compliance with SSP Ensure configuration management for security-relevant IS software, hardware and firmware is maintained and documented Ensure system recovery processes are monitored to ensure security features and procedures are properly restored Ensure all IS security-related documentation is current and accessible to properly authorized individuals Formally notify the appropriate individuals when changes occur that might affect authorization Participate in governance and project reviews identified by the customer Require strong documentation skills to create and update policies, process documentation and procedures Experience with XACTA 360, Continuum and other SCAP Compliant tools Demonstrated experience with RMF, ICD 503, CNSSI 1253, NIST SP 800-53/53A, and STIGs Required Qualifications: Bachelor's Degree (in an IT-related field)
    $89k-122k yearly est. 60d+ ago

Learn More About Security Architect Jobs