Senior Security Engineer

Spatial Front Inc. is seeking a Senior Security Engineer to support the IT Security Officer and security office within the National Ocean Service (NOAA). This position will support a number of important activities within the enterprise including: Security Incident Management, Risk Management, Data Call Management, Security Expertise and Technical support, Policy, Documentation, and Security Training.

The ideal candidate performs both technical and non-technical activities supporting the Cyber Security Program.

• Technical activities include oversight and/or technical operations of security tools in use by the Cyber Security Program and NOAA, conducts Encase forensic capture and analysis, assists with integrating DHS Continuous Diagnostic and Mitigation (CDM) new tools into the Cyber Security Program and shares the CAC/PKI Local Registration Authority (LRA) duties with Senior Security Risk and Policy Advisor.
• Non-technical activities include develops and reviews policies, NIST Special Publications consultation and carries out the requirements of the PWS. Provides backup to the Senior-Level Security Risk and Policy Advisor role. Supports the ITSO with representation at meetings and technical discussions, when the ITSO is unable to attend.

This position is located in Silver Spring, MD. Two days a week on-site and then eventually returning to full time on-site.

Requirements:

• Candidates must be able to pass a US Public Trust background check for badging and to access client systems.
• Demonstrated experience with operating security tools (e.g., Tenable Security Center, Arcsight, vulnerability scanners, database vulnerability scanners , and web application scanners.
• Demonstrated experience in assessing information in security risk following Federal Agency Policies, FIPS and NIST Special Publications guidelines.
• Demonstrated experience reviewing and providing feedback on System Owner's documentation for Federal Agency policy and FISMA compliance.
• Demonstrated experience developing security policies and procedures.
• Experience presenting technical material to senior business managers in a non-technical manner to ensure a clear understanding of how the risk(s) affects the mission and/or business functions.
• Experience with operating Encase forensic capture and analysis.
• Experience with performing CAC/PKI Local Registration Authority (LRA) duties.
• Knowledge of systems administration, network management, security systems operations (e.g., firewalls, antivirus, IDS/IPS), configuration management standards and baselines, and change control technologies.
• Familiarity with IT operations tools (e.g., Microsoft System Center Configuration Manager, IBM Big Fix, Microsoft SharePoint, etc.)
• Familiarity with integrating DHS Continuous Diagnostic and Mitigation (CDM) new tools

Education/Experience:

• BS or higher in a Computer Science, Technology or related field.
• 5 years’ experience assessing or acting as an ISSO for large complex enterprise systems (solutions)
• The candidate should have a demonstrated in-depth knowledge of the FISMA framework and related NIST publications.
• Experience in preparing and presenting complex technical and security presentations to customers. Requires good interpersonal, problem solving, and issue resolution skills. Demonstrate drive, initiative, and creativity. Logical, organized, and execution oriented.
• Maturity and communications skills to interface with other security professionals.
• Holds active and in good standings at least one of the following professional certifications: ISC2 Certified Information System Security Professional (CISSP), CompTIA A , CompTIA Security , GIAC Information Security Professional (GISP), ISC2 Certified Authorization Professional (CAP), or similar certification as approved by Department of Commerce ITSBP policy. Active certification number is required for validation.

Additional Requirements:

• Ability to pass a US Public Trust background investigation for access to the client site and computing systems. You must have lived in the US for the past three (3) years.
• All candidates will be subject to a complete background check to include, but not limited to Criminal History, Education Verification, Professional Certification Verification, Verification of Previous Employment and Credit History.

Other Information:

• The salary range for this position is $110,000 - $160,000 annually.
• For information on SFI's benefits please visit http://www.spatialfront.com/pages/career.html
• This is a full-time W-2 position.
• Spatial Front Inc. is an Equal-opportunity Employer, all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
• Spatial Front Inc. participates in EVerify

Salary : $110,000 - $160,000