Security Engineer Jr. in Arlington, Virginia at Saliense Consulting LLC
Explore Related Opportunities
Job Description
About Saliense
At Saliense, we are committed to fostering a culture of continuous learning and professional growth. Our employees are encouraged to take on challenging and meaningful work, with ample opportunities for career advancement. We offer competitive compensation and benefits, including:
- 20 Days PTO + 40 Hours of Paid Sick & Safe Time
- 11 Federal Holidays + 2 Corporate Holidays
- Health, Vision, Dental, and Life Insurance
- 401(k) with Tiered Match & 100% Vesting
- Parental Leave for Birthing and Non-Birthing Parents
- Professional Development Reimbursement Program
We believe in empowering our team members to achieve their professional goals while contributing to impactful projects that make a difference. Join us at Saliense and be part of a growing organization dedicated to innovation, collaboration, and excellence. Visit www.saliense.com to learn more.
There are many more - connect with us to get a preview of the full benefits package.
About the role
The Security Engineer Junior supports work performed under the contract possessing a core set of knowledge of federal information system security policy, industry best practices, security control assessments, Plan of Action and Milestones (POA&M) management, system authorizations, configuration management, and system analysis.
Possesses a solid knowledge of federal information system security policy, industry best practices, security control assessments, Plan of Action and Milestones (POA&M) management, system authorizations, configuration management, and system analysis.
This position will require an onsite presence 1 day per week in Arlington, VA.
What you'll do
From a technical perspective the Security Engineer Junior is responsible for developing and executing test plans of the OMB Circular A-123 internal control assessments as well as FISMA internal control assessments. Determines, gathers, examines, and analyzes artifacts related to FISMA security control assessments and remediation verification. Documents all assessment activities and results in sufficient detail to enable external review of all assessment processes, activities, results, and conclusions. Provide security expertise to ensure security controls are implemented and the resulting documentation and artifacts are current. Conducts security product evaluations, and recommends products, technologies, and upgrades to improve the customer’s security posture.
Qualification
- Minimum Educational Requirements: BS/BA in Computer Science, Information Systems, Engineering, Business, Physical Science, or other technology-related discipline.
- Must have a minimum of one (1) year of federal information systems security experience.
- Technical Skills: - Experience with RMF and applying the NIST Cybersecurity Framework.
- Solid knowledge of federal information system security policy, industry best practices, security control assessments, Plan of Action and Milestones (POA&M) management, system authorizations, configuration management, and system analysis
- Experience designing and implementing solutions for protecting the confidentiality, integrity, and availability of sensitive information.
- Experience providing technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, and security implementation.
- Experience designing and implementing solutions for protecting the confidentiality, integrity, and availability of sensitive information.
- Experience using CSAM.
- Solid understanding and application of NIST Special Publications including SP 800-53, SP 800-137, SP 800-171, and SP 800-37.
- Solid understanding of FISMA audit requirements.
- Solid understanding of IT audit requirements.
- Ability to work with cooperatively and at a technical level with developers, engineers, and managers on system teams.
- Knowledge of computer networking concepts, protocols, and network security methodologies.
- Knowledge of risk management processes and tools (e.g., methods and tools for assessing and mitigating risks).
- Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy in a federal environment.
- Knowledge of current and past cybersecurity threats and vulnerabilities.