Information Security Compliance Engineer

[ad_1]

Overview:

The Information Security Compliance Engineer will support the NCATS Cybersecurity Services (CSS) team in implementing the NIST 800-53 security controls and assist the infrastructure teams with technical security support. Oversee the security posture of NCATS systems, inventory, and applications. Provide Risk Management Framework (RMF) support. Assist in the remediation of Plan of action and miles stones (POA&M) by. Provide analysis of day-to-day security activities, identify, and manage cyber risks, prepare remediation plans, be able to effectively draft compliance documentation. Establish security impact analysis guidelines, perform security controls compliance and remediation process reviews for the on-premises and cloud environments related security systems. The Infosec Compliance Engineer will also use the expertise to manage security incident workflows and waivers. Provide strategic design guidance to all the stakeholders to translate security and business requirements into technical designs; configure and validate secure complex systems; and help test security products and systems to detect security weakness.

REQUIRED QUALIFICATIONS:

Have hands on Linux/Unix experience and know how secure the systems.
Understand how to implement security controls based on NIST 800-53.
Must be familiar with networking and other infrastructure components such as traffic flow, access management and Active Directory etc.
Be able to manage and administer the security tools and have hands on working experience with Tenable Nessus, Netsparker, McAfee suite, Palo Alto, BigFix, Splunk, etc. and cloud-based equivalents.
Assist in security incident response efforts.
Work with other teams to integrate the NCATS Threat and Vulnerability Management processes with the patching cycles, baseline configurations and CIS benchmarks.
Must be familiar with database server architecture and be able to provide security support to the database team.
Must be familiar with Cloud environments and tools.
Be able to manage cyber risks, secure system designs, baseline configuration assistance and administer ATO preparation activities.
Must be familiar with Risk Management Framework (RMF) and Government mandates such as continuous diagnostic mitigation (CDM) and Binding operations directives (BODs)
Identify, analyze, and develop mitigation or remediation actions for POA&Ms
Assist with a reliable patch and compliance management mechanism for all cloud systems.
Recommend, configure, and install advanced firewalls and centrally manage other security tools in multiple cloud environments.

PREFERRED QUALIFICATIONS:

BS degree in computer science, computer engineering, information systems, privacy engineering or related field of study.
Bachelor’s degree in a relevant technical discipline and 4+ years of overall related IT security compliance experience. 5+ years of additional related years of experience is accepted in lieu of a degree.
Experience working with NIST 800-53 series guidance.
Familiarity with Windows/Unix/Linux platforms.
Familiarity with DevOps pipelines, code scanning, penetration testing etc.
Experience in security compliance documentations such as SARS, Waivers, Contingency plans etc.

Benefits

100% Medical, Dental, and Vision Coverage for Employees
Educational Benefits for Career Growth
Paid Time Off (including Holidays)
Employee Referral Bonus
Profit Sharing
401k matching
Flexible Spending Accounts:
Healthcare (FSA)
Parking Reimbursement Account (PRK)
Dependent Care Assistant Program (DCAP)
Transportation Reimbursement Account (TRN)

The diversity of Zero Trust employees is a tremendous asset. We are firmly committed to providing equal opportunity in all aspects of employment and will not tolerate any illegal discrimination or harassment-based age, race, gender, religion, national origin, disability, marital status, covered veteran status, sexual orientation, status with respect to public assistance, and other characteristics protected under state, federal, or local law and to deter those who aid, abet, or induce discrimination or coerce others to discriminate.

Accessibility: If you need an accommodation as part of the employment process please contact – careers@axleinfo.com

Disclaimer: The above description is meant to illustrate the general nature of work and level of effort being performed by individual’s assigned to this position or job description. This is not restricted as a complete list of all skills, responsibilities, duties, and/or assignments required. Individuals may be required to perform duties outside of their position, job description or responsibilities as needed.

[ad_2]

Source link


Comments

Leave a Reply

Your email address will not be published. Required fields are marked *