Job ID: 2024-8554 Type: Full Time W/Benefits Ret Match # of Openings: 1 Remote
Overview
Sev1Tech is looking for a Cybersecurity Engineer to assist our clients with Risk Management Framework (RMF), ATO, and Cybersecurity Maturity Model Certification (CMMC) compliance and implementation.
Taking a consultative approach, assist clients in defining and implementing cybersecurity policies and procedures
Work closely with client System Administrators with the identification of vulnerabilities on all customer server assets, including Windows, Unix, and Network devices
Assist admins with hardening of systems to comply with DISA Security Technical Implementation Guides (STIGs)
Ensure DISA STIG compliance, interpretation, and analysis of results as well as remediation
Assist in the Authority to Operate (ATO) support evaluating NIST controls in both a FISMA Moderate and High Environment
Perform system maintenance on security-related tools; evaluate, test, and integrate upgrades
Scan, patch, remediate, provide mitigation strategies, and document security vulnerabilities in operating systems and applications
Assist in defining and writing security policies to support FedRAMP, FISMA, Federal Compliance, NIST Compliance, HIPAA Compliance, ISO Standards, and SOX Compliance
Assist and lead security audits
Generate bi-weekly vulnerability reports to send out to customers
Assist in the operation and maintenance of an enterprise level Security Information and Event Management (SIEM)
Follow security policies and create/maintain existing information system security documentation
Assist in the development, design, and coding of new systems or components, and troubleshoot & debug problems occurring within existing platforms and resolve issues using enterprise level tools
Assist with the evaluation of threats and impact as identified by the government and/or security tools
Other duties as assigned
Responsibilities
Bachelor’s Degree in Cybersecurity, Computer Science, Systems Engineering, Information Technology or related field or experience equivalent with 5-7 years of relevant work experience.
Experience working with Federal Government contracts
Prior Security Consulting experience
Experience leading Cybersecurity/Information Security audits
Must have a thorough understanding of cyber threats, information security, and monitoring & detection using the latest monitoring tools.
Minimum of 4 years’ experience working with security technologies including exposure to AWS/Azure cloud environments
Experience with authoring and maintaining security authorization documentation specific to FISMA and FedRAMP related controls at up to the “High” impact level
Background with Risk Management Framework (RMF), ICD 503, NIST 800-171, NIST SP800-53 and 53a or DCID 6/3; knowledge of current authorization practices; Background with DITSCAP/DIACAP may be substituted in some cases.
Strong experience with Microsoft 365 platform, including Outlook, SharePoint, and Microsoft Teams, etc.
Experience with enterprise level security tools (SIEM and vulnerability scanning), specifically LogRhythm, Splunk, ElasticSearch
Possess excellent oral and written communication skills and proven interpersonal skills
Demonstrates ability to multi-task, internally driven to meet organizational goals with often quick deadlines.
Must be a self-starter passionate about expanding their IT capabilities
Multi-task in a team-oriented environment with the ability to manage concurrent objectives, take initiative and maintain client confidentiality with the ability to work independently
Clearance Level: Clearable
Qualifications
Vendor and Security certifications
Strong verbal and written communications skills, including creation of SOPs, maintenance plans, network drawings.
Strong analytical abilities
Must possess a strong client focus
Experience with AWS networking and security architectures
