Information Systems Security Officer, ISSO
CGS Federal (Contact Government Services)
Cyber Security
Cybersecurity Engineer
Sigma Defense Systems LLC
full-time
Posted on:
Origin: • 🇺🇸 United States
Visit company websiteSalary
💰 $105,000 - $120,000 per year
Job Level
JuniorMid-Level
Tech Stack
Cyber Security
About the role
- Evaluate the security posture of systems and recommend improvements to meet compliance or risk mitigation objectives.
- Assist in the certification and accreditation of systems and coordinate with other engineering competencies to improve system security posture based on threat analysis and security architecture.
- Assist in remediation of cyber security findings and development of cyber security packages.
- Support DevSecOps and Software Engineers in developing secure platforms and effectively communicate regarding the risk posture of the platform.
- Establish communication mechanisms and regularly meet virtually with customer points of contact.
- Submit cybersecurity Change Requests using the customer's procedures and templates and work with the customer's cybersecurity team to resolve comments.
- Provide evidentiary artifacts of scanning/reporting/remediation for container images and contribute to container governance policy development (configuration management and vulnerability management).
- Evaluate compliance with the Application Security and Development STIG for software assets and environments (Classified/Unclassified Applications, Container Orchestration Platform, GitLab, Jira, Confluence, SonarQube, Artifactory).
Requirements
- 2-5 years of relevant experience.
- Must be a U.S. Citizen.
- Candidate must possess or have the ability to obtain an active Secret security clearance or higher.
- Clearance will be sponsored for the right candidate.
- Bachelor’s degree from an accredited college or university in Cyber Security, Information Technology, Information Systems, Computer Science, Computer Engineering, Mathematics, or related field of study (degree may be substituted for comparable additional industry experience and/or industry accepted training and certification).
- Experience assisting in remediation of cyber security findings and development of cybersecurity packages.
- Experience supporting DevSecOps and working with Software Engineers to develop secure platforms.
- Experience with container image scanning, reporting, and remediation, and providing evidentiary artifacts.
- Experience contributing to container governance policy development, particularly configuration management and vulnerability management.
- Knowledge of Application Security and Development STIG compliance.
- Familiarity with Classified/Unclassified Applications, Container Orchestration Platforms, GitLab, Jira, Confluence, SonarQube, and Artifactory.
- Ability to evaluate risk for applications based on a network security plan and submit cybersecurity Change Requests.
- Strong communication skills and ability to coordinate with customer cybersecurity teams and points of contact.
