Senior Security Engineer
Location: Washington, DC
Clearance: Public Trust
Bachelors’ Degree in Computer Science, Total of 7 to 10 Years of IT Experience
Minimum of 5 years of Cybersecurity experience. Nessus security center, carbon black, Splunk.
At least one of the following CISSP, CAP, SSCP, GIAC, GISP, CISA
- As a technical expert, exercises broad latitude in developing policies and guidelines for customer support service and employs multiple interdisciplinary communication methodologies to engage stakeholders.
- As a high level technical specialist in the field of information technology (IT) security, the candidate will provide authoritative advice and guidance related to the FERC IT security program. They will serve as consultant to the Information Security and Systems Assurance (ISSA) Director for advice on integrating cybersecurity objectives within IT programs with other key mission-critical agency programs.
- Comprehensive understanding of vulnerability management, United States Government Baseline (USGCB), Defense Information Systems Agency Security Implantation Guides (DISA STIGS), Center for Internet Security (CIS) hardening standards.
- Deep understanding of the Federal Information Security Management Act(FISMA), the National Institute of Standards and Technology Risk (NIST) Management Cybersecurity and Infrastructure Support Framework, and a strong background in Privacy Act and the associated requirements of these Acts.
- Deep technical expertise with various security tools and solutions is required, specifically, Nessus security center.
- Technically proficient in a broad scope of technologies such as Windows, Linux, UNIX, and networking equipment (Juniper/Cisco). Solaris, RedHat Leads remediation efforts on non-compliant systems to bring them into compliance.
- Communicate clearly and regularly with management and team members.
- Develops processes, plans, and procedures and work with staff to ensure adherence to the documented plans procedures.
- Experience with FISMA tracking and remediation.
- Experience with executing NIST Risk Management.
- Experience working within Agile development processes.
- Experience with web-based applications. Experience with relational databases and SQL.
- Ability to quickly adapt to a changing environment.
- Should be a self-motivated, independent, and detail oriented professional.
- Strong communication skills, both written and oral, to work effectively with team members, business partners, and clients. Excellent teamwork, multi-task, and interpersonal skills