MetroStar

Senior Cybersecurity Engineer I

MetroStar

full-time

Posted on:

Location: Washington • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $101,000 - $135,000 per year

Job Level

Senior

Tech Stack

AWSCloudCyber SecurityMicroservices

About the role

  • Serve as the principal advisor to the Information System Owner (SO), Business Process Owner, and the CISO/ISSM on all matters involving the security of an information system
  • Ensure implementation and maintenance of security controls in accordance with the Security Plan (SP) and DHS policies
  • Communicate regularly with DHS customers and internal engineering teams to lead required RMF process/steps to assess and authorize a system obtaining and maintaining a full ATO (Authority to operate)
  • Perform monthly continuous monitoring reporting including analysis of scans, logs, accounts, etc.
  • Support writing and reviewing of Risk Management Framework (RMF) documentation packages to support risk assessments
  • Design and execute the security testing plan and perform analyses required to complete RMF package documents for submittal and approval
  • Use vulnerability scanning tools and frameworks to evaluate the security posture of a system
  • Assist the customer in preparing training and table top exercises for contingency planning, incident response and disaster recovery
  • Complete ISSO USCIS provided training as required

Requirements

  • Ability to obtain and maintain a DHS suitability clearance
  • You have at a minimum, a Bachelor’s degree in Computer Science or other comparable degree or experience
  • Minimum five (5) years of IT experience as a Security Lead or Information Security Analyst, with a focus on evaluating, implementing, and managing security practices for new and existing technologies
  • Hold ISSO certifications
  • Experience with Amazon Web Services (AWS) Architecture
  • Experience with Continuous Monitoring and reporting monthly status reports
  • Experience analyzing and reporting cyber security vulnerability scans
  • Experience with requirements analysis, architect, design, and documentation development of cybersecurity and information security solutions
  • Experience performing vulnerability risk analysis on the deficiencies found during RMF control testing
  • Experience with cybersecurity tools and scanners used to evaluate the security posture of the system/enclave (preferred tool experience: Palo Alto Prisma Cloud, BurpSuite, Checkmarx, NexusIQ, SonarQube)
  • Expertise in Agile and DevSecOps approaches
  • Knowledge of web, databases, containers, and application security scanning and reporting for RMF processes, procedures, and governance
  • Knowledge of Cybersecurity, Network, Systems, and Software Engineering best practices
  • Have technical understanding of cloud technologies (i.e., AWS, microservices, zero trust, data streaming, data pipelines, containers, etc.) and their implementation within the customer’s network environments
  • Complete ISSO USCIS provided training as required