System Security Engineer

Published date Posted on Indeed on Jun 23, 2022 (8 d ago)
By Light is looking for an experienced Systems Engineer to provide support to our client at the Department of Health and Human Services. The right candidate should be able to work within a team or independently to help support and imporve the security posture of
  • The candidate shall ensure the system adheres to all applicable federal and agency regulations, policies, standards and requirements with regards to IT system security, privacy, and compliance.
  • The candidate shall manage the security-related processes required for obtaining an ATO for the system.
  • The candidate shall support and facilitate the security control assessment activities including participating in interviews, providing evidence of implementation of controls, and providing support for systems and platforms verification scans.
  • The candidate shall analyze and remediate any security findings (POA&Ms) in order to obtain the ATO.
  • The candidate shall ensure the confidentiality, reliability, integrity, availability, and performance of the system.
  • The candidate shall perform information security risk management, vulnerability management, incidence response, disaster recovery and data backup planning and operations.
  • The candidate shall deliver Security Documentation as required by federal standards and directed by the client, any documentation required for ATO or on-going authorization including the System Security Plan, Incident Response Plan, Configuration Management Plan, Contingency Plan, HW/SW list, and Contingency Plan Test Results
  • Help product engineering teams adopt and integrate security capabilities into their product and software development lifecycles
  • Provide subject matter expertise on secure architecture, design and coding practices based on current knowledge of security threats and vulnerabilities that could impact the technology stack.
  • Support definition of Secure SDLC standard to include security architecture, design and coding requirements for infrastructure, application and data to align with application security maturity model and adopt a shift-left approach for security.
  • Evaluate various application security tools including SAST, DAST, SCA, IAST and Pen Testing and operationalize security tools for integration with CI/CD.
  • Develop security controls and processes for products and services developed and deployed for both on-prem and cloud environments.
  • Perform threat modeling, conduct security architecture reviews and provide training to architects and developers to enhance adoption of secure coding practice within the product development lifecycle.
Required Experience/Qualifications:
  • College Degree or equivalent hands on experience
  • 3 to 5 years as Security Engineer supporting large size application with a DR site
  • Experience working in a government environment
  • Excellent communication skills
  • Experience working through the process of obtaining and maintaining an ATO
  • Security related training and certifications
  • Experience using security tools such as Fortify, WebInspect, FindSecureBugs, CheckStyle, PMD, wireshark, nmap, threadfix, SD Elements
  • Experience with DevSecOps
Special Requirements/Security Clearance:
Position Requires ability to get a Public Trust.
By Light does not require COVID-19 vaccinations or boosters; vaccination requirements and testing are subject to the status of the federal contractor mandate and customer site requirements; testing is at the cost of the employee.

Let us know

Help us maintain the quality of jobs posted on RemoteTechJobs and let us know if:

Error on reporting

Related jobs

Piper Companies is looking for a Assistant Director of Portfolio Risk Management for a wealth management organization located in Philadelphia, PA.This is a Remote Opportunity!Responsibilities for the Assistant Director of Portfolio Risk Management:Develop.

Zachary Piper Solutions Zachary Piper Solutions |

Zachary Piper Solutions is seeking a Penetration Tester for a remote job opportunity supporting a government subcontracting company based in Washington, DC. The Penetration Tester will assist with infosec projects across a wide variety of technologies..

GovCIO is a team of transformers-people who are passionate about transforming government I.T. We believe in making a difference by developing digital strategies and delivering the technology-related innovation that improves governmental operations each.

Job Summary: As an Information Systems Security Engineer (ISSE), your primary function is to ensure that the client's new cloud development environment meets all security requirements and specifications according to their Risk Management Framework (RMF)..

Through our dedicated associates, Conduent delivers mission-critical services and solutions on behalf of Fortune 100 companies and over 500 governments – creating exceptional outcomes for our clients and the millions of people who count on them.You have.

Data Bridge Data Bridge |

Title: Cyber Security EngineerLocation: RemoteDuration: Full TimeWe are looking Cyber Security Engineer at RemoteExperience with developing and implementing a comprehensive Information Security Data Loss Prevention (DLP) program to include defining standards.

More jobs by this company

By Light Professional IT Services By Light Professional IT... |
8 d ago

Overview:We are looking for a Senior React Developer to build engaging user interfaces that are usability focused, highly reusable, and easily maintained. You will work collaboratively within the Software Development Team charged with the design, integration,.

By Light Professional IT Services By Light Professional IT... |
8 d ago

Overview:Working on a product team charged with the design, integration, production, testing, and deployment of cyber training software. This role entails creating engaging visual designs for web apps and training content while ensuring the optimal user.

By Light Professional IT Services By Light Professional IT... |
17 d ago

Overview:By Light is seeking an Oracle Database Administrator to join our team. Primary job duties will be to provide Oracle/SQL development support and Oracle Database production support.By Light provides a broad range of hardware, software, engineering,.

By Light Professional IT Services By Light Professional IT... |
17 d ago

Overview:By Light is looking for a resource to provide SharePoint and Website front end support to the Department of Veterans Affairs. The ideal candiate will be a team player that is professional, represents themselves well and provides exceptional.

By Light Professional IT Services By Light Professional IT... |
28 d ago

Overview:We are seeking RF Software Engineers to design, implement, and optimize advanced communication systems to meet the mission needs of our U.S. Government customers. We are looking for proficient candidates with past experience in 4G/5G development..