Security Engineering and Compliance Manager
Location: Hybrid (Mostly remote, with onsite work in Fairfax, VA once per quarter)
Job Description:
- ECS is seeking talented professionals who love a challenge to join us in building the next-generation Continuous Diagnostics and Mitigation (CDM) Cyber data solution.
- The CDM Program is the Cybersecurity and Infrastructure Security Agency’s (CISA) dynamic approach to strengthening the cybersecurity of Federal networks and systems through better awareness and visibility into their security posture and cyber threats.
- ECS is responsible for designing, building, deploying, operating, and maintaining a complete ‘Data Services’ solution which includes the collection, normalization, visualization, and sharing of cyber data from more than 100 Federal agencies.
- The CDM Data Services product is a cloud-hosted solution comprised of multiple Commercial Off the Shelf (COTS), software configuration packages, and custom code which work together to operate as an integrated solution tailored to meet DHS requirements.
- Our program operates within the Scaled Agile Framework (SAFe). An aptitude and enthusiasm for continuous learning, improvement, and cyber security is a must!
- The successful candidate will apply their knowledge to scrutinize the security architecture, implementation, deployment, and operations of the CDM Data Services solution.
- This individual will provide technical expertise and management skills to maintain and achieve a DHS Authority to Operate (ATO) of the solution.
Required Skills:
- US citizenship and ability to acquire Public Trust Suitability.
- 5+ years of Security Engineering experience.
- Bachelor’s degree or equivalent additional experience.
- In depth understanding of general information security concepts and principles, system architectures and development, network protocols, etc.
- In depth experience with supporting system Authority to Operate (ATO) processes and creating artifacts, control implementation details, Risk Management Framework (RMF), and POAMs.
- Ability to analyze vulnerability assessment data to identify technical risks to the organization.
- Experience with architecture, engineering, and services of Amazon Web Services (AWS) to include but not limited to experience creating CI/CD pipelines for solutions delivery using AWS services, AWS well-architected framework best practices, container orchestration platform experience (ex: AWS EKS), and automating the creation of Infrastructure as a Service (IaaS) infrastructures such as CloudFormation, AWS Service Catalog, and GitLab.
- Experience with supporting the ELK (Elasticseach, Kibana, Logstash) Stack in non-production and production environments.
- Experience supervising and leading others, preferably a team of 10+ security engineers and analysts.
Desired Skills:
- Security testing of IT products.
- Knowledge of information security (e.g. authentication, access control, network security).
- Experience with configuration and maintenance of IT Service Management (ITSM) tools such as Atlassian Jira in a production environment supporting Event Management, Incident Management, Problem Management, and Change Management.
- Experience implementing and executing work using the Scaled Agile Framework (SAFe).
- Experience with implementation of DevSecOps best practices to best support vulnerability and weakness reduction management.
- Experience with a SIEM tool such as Splunk desirable (i.e. creating queries, dashboards).
- Experience with Splunk and Tenable Security Tools for Auditing and Vulnerability Management.