Security Engineer

• Works closely with the Information Systems Security Manager (ISSM) proposing, coordinating, implementing and enforcing information system security policies, standards and methodologies.
• Implement operating systems and network devices security configuration in accordance with approved Security Technical Implementation Guides (STIGs).
• Collaborate with team members to define and implement cybersecurity requirements for managed systems and software.
• Conduct security assessments of Risk Management Framework (RMF) controls implemented for assigned systems and identify corrective actions and mitigation strategies.
• Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS), Security Technical Implementation Guide (STIG), and the Security Content Automation Protocol (SCAP).
• Perform security control continuous monitoring, security audits, risk analysis and develop mitigation strategies for DoD information systems.
• Assist with assessment and authorization (A&A) activities for hosted computing environments and support Authority to Operate (ATO) and Authority to Connect (ATC) approvals.
• Perform cybersecurity site audits to verify architecture analysis, witness cybersecurity testing and evaluation, and interface with end users regarding IT and data management tools.
• Ensure software, hardware and firmware comply with security configuration guidelines; coordinate changes with ISSM and SCAR/SCA; initiate protective or corrective measures and report security incidents or vulnerabilities.

Information System Security Officer

Senior Cybersecurity Engineer