Match score not available

Senior Security Engineer

extra holidays - extra parental leave
Remote: 
Full Remote
Contract: 
Experience: 
Senior (5-10 years)
Work from: 

Offer summary

Qualifications:

US Citizen with clearance eligibility, Bachelor’s degree in technical discipline, 8+ years of Information Security experience, IAT Level 2 certification, Familiarity with security tools and principles.

Key responsabilities:

  • Apply Zero Trust principles across enterprise
  • Increase maturity levels within six ZT pillars
  • Sync USCIS cybersecurity strategy and DHS requirements
  • Enhance visibility and track maturity metrics
  • Ensure security of DevSecOps pipeline
ASRC Federal logo
ASRC Federal XLarge https://www.asrcfederal.com/
5001 - 10000 Employees
See more ASRC Federal offers

Job description

ASRC Federal is seeking experienced Security Engineers in support of a new government program. This program will support and augment ongoing efforts to achieve, maintain, continuously improve, and integrate ZT operational capabilities and solutions across ZT pillars. The purpose of this program is to provide enhanced capabilities and integration of operational capabilities and services across ZT pillars to accelerate ZT maturity beyond its current rate, and achieve and maintain White House, OMB, and DHS ZT maturity goals over the next two years.

The Security Engineers supports Information Assurance and Cybersecurity efforts under ASRC Federal’s Zero Trust contract. You will ensure that the USCIS systems are protected against cybersecurity threats, ensuring the security and reliability of mission-critical operations. As an Information Security Engineer Senior, you will be responsible for implementing and maintaining security protocols and measures to safeguard systems. The ideal candidate will have previous Federal agency experience with Application Security, DevSecOps, and CI/CD configuration. This position is REMOTE.

Responsibilities:

  • Ensure that the application of ZT principals are applied to the foundations of all aspects of the enterprise including networking, applications, users, third-party relationships, and access policies.
  • Support efforts to continuously increase the Maturity Levels within each of the six USCIS ZT pillars and overall enterprise ZT architecture.
  • Support synchronization with the overall USCIS enterprise cybersecurity strategy, plans, functions, capabilities, assets, and management lifecycle.
  • Support synchronization with the DHS Zero Trust strategy, plans, functions, capabilities, and requirements.
  • Will need to apply experience and advanced knowledge of software development security principles, and concepts to develop plans and techniques to improve ZT maturity.
  • Support efforts to enable visibility through metrics to track maturity levels.
  • Support continuous improvement for fine-grained access control of USCIS assets (people, systems, data, equipment and networks.
  • Ensure the security of the DevSecOps pipeline using Checkmarx and other application security testing tools,

ASRC Federal Advantages

  • Learning and Development: After 90 days of employment, regular full-time employees are eligible to participate in our professional development program including funds annually to go towards Associate’s, Bachelor’s or Graduate Degrees; Industry standard professional certification; A professional certificate program; Continuing education classes; and Registration fees to attend professional conferences.
  • Employee Resource Groups: That provide our employees the opportunity to collaborate and network with colleges with common interests, backgrounds, and experiences including Women's Impact Network (WIN), Multicultural ERG, Military Community (MILCOM), and Pride ERG for LGBTQ+ employees and allies.
  • Purpose Driven Careers: Certified Great Place to Work™; Certified Military Times' 'Best for Vets' and Military.com ‘Top 25 Veteran Employer.’
  • Benefits: Comprehensive insurance packages including medical, dental, vision, life insurance, and short term/long term disability, as well as a 401K with generous company match and immediate vesting.
  • Holidays: 11 paid holidays.

Requirements

  • Must be a US Citizen able to obtain an agency-specific suitability / public trust clearance prior to starting.
  • Bachelor’s degree in computer science, electronics engineering, engineering, or another technical discipline.
  • Minimum of 8 years' experience as an Information Security Engineer or in related Information Security Engineering activities within the last 10 years.
  • IAT Level 2 certification IAW AR 25-2 and DoD 8570.01M (CISSP, Sec+, etc.)
  • Familiarity with Checkmarx, Burpsuite, Twistlock, Nexxus IQ
  • Experience working in an Agile Framework
  • Experience with Security Information and Event Management (SIEM) tools (e.g., Splunk), AWS Security Hub, and AWS Detective to monitor, detect, and respond to security incidents.
  • Excellent problem-solving abilities and attention to detail.
  • Effective communication, documentation, and teamwork skills.

Desired Skills And Qualifications

  • Cloud experience specifically, AWS, Google, or Azure.
  • A Workforce System Architect and Engineer (IASAE) Specialty qualification
  • Familiarity with:
  • Executive Order (EO) - 14028, Improving the Nation’s Cybersecurity
  • Office of Management & Budget Memo - M-22-09, Moving the U.S. Government Toward Zero Trust Cybersecurity Principles
  • National Security Memorandum 8, “Improving the Cybersecurity of National Security, Department of Defense and Intelligence Community Systems.”
  • OMB Memo – M22-18
  • CISA Zero Trust Maturity Model
  • NIST Cybersecurity White Paper (CSWP) 20, Planning for a Zero Trust Architecture: A Planning Guide for Federal Administrators

Required profile

Experience

Level of experience: Senior (5-10 years)
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Other Skills

  • Teamwork
  • Communication
  • Problem Solving

Security Engineer Related jobs