AnaVation, LLC Information Systems Security Engineer (ISSE) in Chantilly, Virginia
AnaVation is currently seeking talented and motivated Information Systems Security Engineers (ISSE) to support our mission critical customer in Chantilly, VA.
The ISSE will provide on-site technical and administrative Security Assessment and Authorization (A&A) and Continuous Monitoring (CM) support for the client enterprise wide. The Cloud Information Systems Security Engineer (ISSE) implements security engineering principles to review security requirements, verify implementation, and provide mitigation recommendations throughout the cloud life cycle to facilitate secure systems for A&A and Continuous Monitoring support.
The Cloud ISSE will be assigned specifically to the Cloud PMO and is expected to be certified in one or more of the following: Cloud Certified Architect (ISC)2, Certified Cloud Security Professional (CCSP), or Cloud Security Alliance Certification of Cloud Security Knowledge (CCSK). It is highly desirable that they have experience with Federal Risk and Authorization Management Program (FedRAMP).
Ten years IA and InfoSec experience; which includes developing and reviewing security concept of operations, systems security plans, security control assessments, contingency plans, configuration management plans, incident response plans, plan of actions and milestones, risk management plans, vulnerability scanning, and/or vulnerability management plans
Five years security engineering experience; which includes systems engineering principles, requirements analysis, system development (software and hardware); network security architecture concepts (topology, protocols, components); and/or IT security principles and methods (firewalls, demilitarized zones, encryption)
Two years cloud experience; which includes cloud security design, requirements analysis, control implementation, mitigation, and FedRAMP, as well as experience with common service providers, such as AWS, Azure, and/or Salesforce
Experience with FISMA and RMF/A&A processes
Experience with NIST SP (800-27, 30, 37, 53, 60, 137, 144, 145), FIPS (199, 200), CNSSI 1253 experience
Experience with STIG and SCAP
Understanding of the System Development Lifecycle
Understanding of network access, identity and access management
Strong analytical, communication, problem solving and leadership skills
Ability to perform in a fast paced environment with frequent change
CISSP and CISM or GSLC; or ability to obtain CISM or GSLC within 6 months of hire
Active Top Secret clearance, periodic review (PR) performed within the past three years, SCI eligibility
Government consulting experience
CISSP-ISSEP, CCSP, GCIA, CEH, GPEN, OSCP or other related certifications
Knowledge of CSA guidance
Experience with VMware
Experience with cloud automation tools and scripting (Python, Java, Chef, Puppet, and/or Ansible)
Bachelor’s or Master’s degree in a related field
AnaVation is an Equal Employment/Affirmative Action employer. We do not discriminate in hiring on the basis of sex, gender identity, sexual orientation, race, color, religious creed, national origin, physical or mental disability, protected Veteran status, or any other characteristic protected by federal, state, or local law.
If you need a reasonable accommodation for any part of the employment process, please contact us by email at firstname.lastname@example.org and let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this email
External Company URL: http://www.anavationllc.com/