System Security Engineer Job at By Light Professional IT Services LLC
Overview:
By Light is looking for an experienced Systems Engineer to provide support to our client at the Department of Health and Human Services. The right candidate should be able to work within a team or independently to help support and imporve the security posture of Grants.gov
Responsibilities:
- The candidate shall ensure the Grants.gov system adheres to all applicable federal and agency regulations, policies, standards and requirements with regards to IT system security, privacy, and compliance.
- The candidate shall manage the security-related processes required for obtaining an ATO for the Grants.gov system.
- The candidate shall support and facilitate the security control assessment activities including participating in interviews, providing evidence of implementation of controls, and providing support for systems and platforms verification scans.
- The candidate shall analyze and remediate any security findings (POA&Ms) in order to obtain the ATO.
- The candidate shall ensure the confidentiality, reliability, integrity, availability, and performance of the Grants.gov system.
- The candidate shall perform information security risk management, vulnerability management, incidence response, disaster recovery and data backup planning and operations.
- The candidate shall deliver Security Documentation as required by federal standards and directed by the client, any documentation required for ATO or on-going authorization including the System Security Plan, Incident Response Plan, Configuration Management Plan, Contingency Plan, HW/SW list, and Contingency Plan Test Results
- Help product engineering teams adopt and integrate security capabilities into their product and software development lifecycles
- Provide subject matter expertise on secure architecture, design and coding practices based on current knowledge of security threats and vulnerabilities that could impact the technology stack.
- Support definition of Secure SDLC standard to include security architecture, design and coding requirements for infrastructure, application and data to align with application security maturity model and adopt a shift-left approach for security.
- Evaluate various application security tools including SAST, DAST, SCA, IAST and Pen Testing and operationalize security tools for integration with CI/CD.
- Develop security controls and processes for products and services developed and deployed for both on-prem and cloud environments.
- Perform threat modeling, conduct security architecture reviews and provide training to architects and developers to enhance adoption of secure coding practice within the product development lifecycle.
- College Degree or equivalent hands on experience
- 3 to 5 years as Security Engineer supporting large size application with a DR site
- Experience working in a government environment
- Excellent communication skills
- Experience working through the process of obtaining and maintaining an ATO
- Security related training and certifications
- Experience using security tools such as Fortify, WebInspect, FindSecureBugs, CheckStyle, PMD, wireshark, nmap, threadfix, SD Elements
- Experience with DevSecOps
Position Requires ability to get a Public Trust.
By Light does not require COVID-19 vaccinations or boosters; vaccination requirements and testing are subject to the status of the federal contractor mandate and customer site requirements; testing is at the cost of the employee.
Please Note :
caminobluff.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, caminobluff.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, Site.com is the ideal place to find your next job.