Remote Information Systems Security Engineer

Description:

• The Information Systems Security Engineer will direct the design, implementation, and maintenance of cybersecurity solutions to protect digital assets, including networks, applications, databases, and cloud environments.
• This role involves performing regular security assessments, vulnerability assessments, and penetration testing to identify and address potential weaknesses in clients' systems and applications.
• The engineer will collaborate with internal teams and external partners to develop and enforce security policies, procedures, and standards that comply with relevant regulations and industry frameworks.
• Monitoring and analyzing security incidents, responding to security breaches, and directing incident response efforts to minimize the impact of security events are key responsibilities.
• The position requires developing, implementing, and enforcing information systems security policies, ensuring system security requirements are addressed during all phases of the acquisition and Information System (IS) lifecycle.
• Conducting certification and testing by the Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) policies, identifying deficiencies, and providing risk mitigation recommendations is essential.
• The engineer will develop IS artifacts such as Risk Assessments, Security Concepts of Operations (SECONOP), Program Protection Plans, Test Plans, procedures and reports, System Security Plans, and other related documentation.
• Utilizing testing methods, automated tools, plans, and procedures to verify compliance and vulnerability requirements is part of the role.
• Assessing and mitigating system security threats or risks throughout the program life cycle is required.
• The engineer will review Plans of Action and Milestones (POA&Ms) to ensure weaknesses are identified, effective/acceptable mitigation strategies are planned, and timelines are acceptable.
• Assisting in the development of security processes and implementation of automated tooling that prevent security issues is expected.
• Staying up-to-date with emerging cybersecurity threats, trends, and technologies, and proactively recommending adjustments to security strategies as needed is crucial.
• Providing expert guidance and support to junior cybersecurity team members, fostering professional growth and knowledge sharing is part of the job.

Requirements:

• Candidates must have at least three (3) years of experience as an Information Systems Security Engineer (ISSE) on programs and contracts of similar scope, type, and complexity.
• Familiarity with System Life Cycle Development (SDLC) methodologies and the 800 series of NIST Special Publications is required.
• Practical knowledge of IT audits and the full security assessment process is necessary.
• Familiarity with the use and operation of cybersecurity tools such as security scanners (Qualys), CIS Benchmarks, and automated compliance checkers (STIG) is essential.
• Expert-level familiarity with Microsoft Office Suite (Word, Excel, PowerPoint, Teams, Outlook, Visio, Project, etc.) is required.
• Exceptional verbal and written communication skills are necessary, with the ability to collaborate across teams and organizations, including senior-level management.
• Candidates must be able to explain complex cybersecurity concepts to individuals with varying levels of cyber experience.
• A BS or BA in Computer Science, Information Assurance, Computer Engineering, or a related discipline is preferred but not required.
• Fluency in English is mandatory.

Benefits:

• The position includes a Quest Bonus Program (QBP) of 5% based on the employee's hierarchical level, paid once a year according to accumulated annual income and business performance.
• Employees will receive an additional thirteenth salary as mandated by law.
• Life insurance coverage is provided for 36 months of the employee's base monthly salary.
• Private medical insurance is offered through Palig (PanAmerican Life Insurance).
• Dental coverage is provided through Sigma Dental.
• An annual ophthalmological reimbursement of USD $100.00 is included.
• The Telework Program offers a FLEX subsidy of $50 monthly for internet/electricity expenses.