Senior Cyber Security Engineer with Security Clearance
Mount Indie, LLC
2024-11-07 16:42:34
Arlington, Virginia, United States
Job type: fulltime
Job industry: I.T. & Communications
Job description
Senior Security Assessor - SAP Information Systems We are seeking an experienced security professional to lead comprehensive security assessments for DoD Special Access Program (SAP) information systems. This position will play a key role in evaluating the effectiveness of security controls, ensuring alignment with Risk Management Framework (RMF) standards, and enhancing the overall security posture of highly sensitive environments. This role requires an individual with strong analytical abilities, technical expertise, and a collaborative approach to security engineering. Key Responsibilities Security Assessments & Compliance •Conduct thorough assessments of security controls across SAP information systems, ensuring compliance with RMF and security standards. •Maintain up-to-date Authorization & Assessment (A&A) documentation, monitoring system compliance with IT security, resilience, and dependability requirements. Stakeholder Collaboration & Risk Mitigation •Work closely with stakeholders to ensure security initiatives align with SAP IT operational needs and objectives. •Develop specifications that ensure all risk, compliance, and assurance efforts meet confidentiality, integrity, and availability requirements. Risk Analysis & Mitigation •Conduct risk analysis, identifying potential vulnerabilities, threats, and likelihood of occurrence for major system changes. •Draft statements of preliminary or residual security risks and integrate findings into a broader risk mitigation strategy. System Security Oversight •Monitor security postures for applications, networks, and systems, documenting deviations and recommending corrective actions. •Support SAP teams in staying current on vulnerabilities and implementing necessary remediation efforts. Security Authorization & Assurance •Plan and conduct security authorization reviews, develop assurance cases, and oversee initial installations of critical systems and networks. •Perform security reviews, identifying gaps in security architecture and suggesting improvements to meet operational and security requirements. Cloud & Advanced Security Practices •Apply knowledge of industry security assessment tools and procedures, including SCAP, ACAS, Vulnerator, and HBSS. •Stay informed of best practices for cloud security, contributing to the selection and implementation of best-in-class threat prevention tools. Special Projects & Collaboration •Collaborate with technical leads, developers, and system owners to ensure security requirements align with SAP guidance. •Provide technical oversight on special security projects as needed and travel 20-30% to local and CONUS sites. Required Skills & Qualifications •Clearance: Active TS/SCI clearance. •Education: Bachelor's degree in a relevant field; 4 years of relevant experience may substitute. •Experience: •10+ years implementing RMF and security control assessments. •7+ years of DoD security experience, with proficiency in DISA STIGs, SCAP, ACAS, Vulnerator, HBSS, and eMASS. •Advanced analytical skills for evaluating risks, conducting audits, and making critical security decisions. •Certifications: DoD 8140 Level 2 or higher certification (e.g., CISSP, CCNA, CySA+, GISCP, Sec+CE, CND, SSCP). Desired Skills •Cloud certification (e.g., AWS, Azure) is highly preferred. This role provides a unique opportunity to work in a secure, high-stakes environment, conducting vital security assessments to protect critical SAP systems. If you're ready to lead security initiatives with a strategic and technical focus, we encourage you to apply!