At Secure Technologies Group we offer a steady and challenging career path. We have tremendous opportunities for those self-starting professionals who are looking for a challenge and are ready for a change. To meet the demands of the industry’s ever changing salary environment, Secure Tech has modernized our compensation package to maximize total compensation to our employees. For a work environment that’s fast-paced and high-performance as well as stable and growth-oriented, apply today!
ISSE - Information Systems Security Engineer
- BS degree & 5 - 8+ yrs. experience
- CompTIA 8570 II Certification required (CISSP preferred)
Expertise in the following areas is desired/preferred:
• RMF, DCID 6/3, Certifying
• Risk Management Framework (RMF)
• Vulnerability and Risk Assessment, Analysis, and Reporting
• DISA Security Content Automation Protocol (SCAP) content and Security
• Technical Implementation Guides (STIGS)
• Malware and Virus prevention, detection, and remediation
• Analysis of system auditing and logging
• Repository (DITPR) /Department of Navy (DON)
• Federal Risk and Authorization Management Program (FedRAMP)
• Networking, System Administration Windows and Unix/Linux platforms
• Database Administration and Application Development
• Project Management
• USN and/or USMC Certification and Accreditation tools eMASS and MCCAST
• Patch Management, Incident Response, and Asset/Inventory Management
• DoD 8500. 01 and DoD 8510. 01 and National Institute of Technology Standards (NIST) publications
• Payment Card Industry Data Security Standards (PCI DSS) Requirements
• Experience with Certification and Accreditation activities, in particular, experience in the area of moving accreditation packages through the RMF process to Authority To Operate (ATO).
• Conducting vulnerability scans, system assessments, risk analysis, and technical recommendations to validate compliance.
• Conducts verification and validation for security information systems, products, and components.
• Analyzes design specifications, design documentation, configuration practices and procedures, and operational practices and procedures.
• Provides identification of non-compliance of security requirements and possible mitigations to requirements that are not in compliance.
• Verifies and validates that the system meets the security requirements.