Job Details

Position Summary

Versar, Inc., is seeking a Senior Security Engineer (Compliance) to support the Department of Homeland Security's Enterprise Engineering Division (EED) within the Office of the Chief Information Officer (OCIO). This candidate will be a member of a high functioning team supporting cybersecurity countermeasures to strengthen DHS enterprise and HQ networks, overseeing and providing strategic and tactical direction with security compliance. This candidate will work directly with a team of network and security engineers, data center specialists, ISSOs, industry vendors, and DHS stakeholder groups that includes 20+ DHS Components.

This effort is responsible for providing support for the following Homeland Security Enterprise Network (HSEN) services along with Security Engineering Compliance:

• Design and development of cyber security technology along with integration of new architectural features into existing infrastructures while maintaining the integrity and security of enterprise-wide cyber systems and networks.
• Responsibility for DHS Security ATO and RMF compliance support ensuring systems are documented, security control implementation/documentation, self-inspection (STIG/vulnerability/compliance) auditing and issue remediation.
• Strong working relationship with ISSOs and technical teams to ensure NIST Compliance and RMF ATO Security Authorization.

Additional Duties / Responsibilities

• Provide DHS Security Authorization Support
• Assist and support the SOC Security Authorization Process following National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 including, but not limited to, the following elements:
• Security Plan
• Security Risk Assessment
• Security Controls Assessment
• Continuity of Operations Plan (COOP)
• Development of POA&Ms
• Provide assistance and support to the SOC System ISSO, to document and maintain the SOC Security Authorization documentation in the Information Assurance Compliance System (IACS), conduct NIST SP 800-53A assessments, and track NOSC Cyber (SOC) POA&Ms.
• Develop and document a comprehensive COOP ensuring that the Contractor maintains appropriate NOSC Cyber infrastructure backups, and documents priorities and procedures for re-instantiating critical functions in the event of a failure.
• Test the DHS NOSC Cyber COOP capabilities in conjunction with internal test procedures and the DHS Information Technology Disaster Recovery Plan.
• Provide support to Government management by establishing POA&Ms and processes for tracking the correction of internal self-assessment and external audit findings relating to security authorization of NOSC operations and activities.

Minimum Qualifications / Requirements

• At least six (6) years of professional experience in an IT Services environment, providing technical support with emphasis on security compliance for federal networks.
• Prior experience with NIST FIPS Standards, Contingency Plans, Network Infrastructures, Security Impact Analysis, Privacy Impact security Assessments & Analyses, Standard Operating Procedures.
• U.S. Federal government consulting experience preferred.
• Must be resourceful in learning a very complex and dynamically changing network.
• Must be able to work independently in a fast-paced, dynamic environment.
• Past experience within the Department of Homeland Security or other government agency is preferred.
• U.S. citizenship required and eligibility for a DHS EoD is required to be considered for this position.

Education

• BS degree in Information Systems, Computer Engineering, Computer Science, or Cyber Security, or equivalent experience.

Certifications Desired

• Security Certifications: CISSP, CCSP, CISM, GSLC, CISA, CASP, or equivalent.

Software/Hardware Desired

• IBM AppScan, HP WebInspect, Nexpose, Splunk, Nessus, HP Fortify, McAfee SECURE, McAfee Virus Scan, Enterprise, ArcSight Sourcefire, Nagios, Saint, Solarwinds, Remedy, Primavera, Xacta, CSAM.