Security Engineer II - Agile Defense

Fort Belvoir, VA 22060

About the Job

Requisition #: SECUR003427

Job Title: Security Engineer II

Location: Fort Belvoir, VA 22060 /Remote

Clearance Level: Active DoD - Secret

Required Certification(s):

MS with 10+ yrs or BA/BS w/ 12+ years of relevant Security related experience

**Selected applicants may be subject to a government security investigation and must meet eligibility requirements for access to classified information. **

SUMMARY

Program Executive Office Enterprise Information Systems (PEO EIS) works to modernize and manage the Army’s network and enterprise business systems through the support of Army and Department of Defense (DOD) communications, logistics, medical, finance, personnel, training, and procurement systems. The focus of this project is to support services of the Army Identity Credential and Access Management (ICAM) systems, helping to ensure that the right people have the correct access to tools and systems to succeed in the mission.

DUTIES

Executes security testing for all servers, applications and network devices. Testing shall be accomplished utilizing Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) and established timelines to meet specific program needs.
Researches and develops Security Test and Evaluation (ST&E) Plans for all systems servers, applications and network devices.
Prepares Plan of Action and Milestones (POA&Ms) to identify security weaknesses for the systems.
Assists the Government Information System Security Managers (ISSM) with identifying security requirements and implementing security mechanisms against potential security threats to the systems. Provides recommendations about how to avoid, minimize, correct, or recover from possible damage.
Provides engineering and technical expertise to include research or updates on new or upgraded operating systems, patches, hotfixes, applications, COTS products, issue resolution, vulnerability evaluations, countermeasure implementation, ST&E, auditing/intrusion detection tools, and all other security-relevant areas as required.
Experience evaluating of network/system/device/application technical and non-technical security features • Experience validating and evaluating network/system/device/application security requirements, vulnerabilities, and residual risks.
Experience auditing information system security.
Experience monitoring suspicious activity on information systems. DISA Security Technical Implementation Guide (STIG) knowledge and background.
Experience researching and developing Security Test and Evaluation (ST&E) Plans.
Experience in support of Time Compliance Network Orders (TCNOs), Communication Tasking Orders (CTOs), Maintenance Tasking Orders (MTOs), and Network Tasking Orders (NTOs), and Information Assurance Vulnerability Alerts (IAVAs).
Experience/background with MS Word, MS Project, PowerPoint, MS Excel, or MS ACCESS.

Qualifications

Education and Certifications

MS with 10+ yrs or BA/BS w/ 12+ years of relevant Security related experience IAT Level III Certified in one of the following: CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, or GCIH within 6 months

Background Needed and Years of Experience

MS with 10+ yrs or BA/BS w/ 12+ years of relevant Security related experience

Additional Skills & Qualifications

Must-Have Technical Skills

Experience with Risk Management Framework (RMF) Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption).
Knowledge of new and emerging IT and cybersecurity technologies.
Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of authentication, authorization, and access control methods.
Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting)
Knowledge of incident response and handling methodologies.
Knowledge of key concepts in security management (e.g., Release Management, Patch Management).
Knowledge of cyber defense and information security policies, procedures, and regulations (e.g., RMF).
Knowledge of Intrusion Detection System (IDS)/Intrusion
Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory service

Non-Technical Skills

Excellent writing, interpersonal and communication skills
Ability to communicate effectively with the team on assigned tasks, expectations, and schedules.
Sharp attention to detail
Organized; time management skills to forecast and stay ahead of deliverables/reporting requirements
Must be well-organized and detail-oriented with the ability to coordinate, prioritize multiple tasks, and be adaptable to change to accomplish assignments.
Excellent Customer Focus/Satisfaction skills
Strong/Natural understanding of and ability to demonstrate the Agile Defense Core Values: Happy, Helpful, Honest, Humble, Hungry, Hustle

Working Conditions

Working Conditions

Government site with 0%-10% travel possible.
Possible off-hours work to support releases and outages.
General office environment.
Work is generally sedentary in nature, but may require standing and walking for up to 10% of the time.
The working environment is generally favorable.
Lighting and temperature are adequate, and there are not hazardous or unpleasant conditions caused by noise, dust, etc.
Work is generally performed within an office environment, with standard office equipment available.

Strength Demands

Sedentary – 10 lbs. Maximum lifting, occasional lift/carry of small articles.
Some occasional walking or standing may be required.
Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.

Physical Requirements

Stand or Sit
Repetitive Motion
Talk or Hear
See

COVID-19 Vaccination Requirements

As a federal contractor, Agile Defense is subject to any federal vaccine mandates or other customer/facility vaccination requirements. As such, to protect the health and safety of its employees and to comply with customer requirements, Agile Defense may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

About Us!

Agile Defense is an Information Technology Solutions provider committed to partnering with our customers to deliver the highest level of service to our customers. We provided Information Technology (IT) services to the U.S. Government, including several United States Civil agencies and various branches within the U.S. Department of Defense.

Agile Defense has established a solid reputation of partnering with our customers to deliver innovative IT solutions with our “Listen. Think. Innovate.” philosophy.

At Agile Defense, we know that our employees are our most important asset. We believe in our responsibility to our fellow employees, customers, company, and to our country. We promote teamwork, integrity, and creativity; we expect our fellow employees to also live these values.

Equal Opportunity Employer/Protected Veterans/Individuals with DisabilitiesThe contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)

Source : Agile Defense