Senior Systems Security Engineer

Location VA – Springfield
Position Schedule Full Time (40hrs)
Relevant Work Experience Mid (4-6yrs)
Security Clearance Required Yes
Job Description
The DesignMob in support of a Federal Government Agency, is looking for an Application Security Engineer who will be responsible for securing applications infrastructure and supporting the Certification and Accreditation (C&A) process.
The candidate will be responsible for implementing security hardening of the entire applications stack, including web servers applications servers, database servers, virtualization infrastructure, load balancers and messaging infrastructure.
Job Qualifications
Responsibilities:Design, implement and monitor secure configurations for the following components:

•F5 BIG-IP Local Traffic Manager
•F5 BIG-IP Global Traffic Manager
•Apache HTTP Server
•IBM WebSphere Application Server
•IBM WebSphere MQ Server
•Microsoft .Net (IIS)
•VMware ESX Server, vCenter & vSphere
•Oracle Database Server
•Microsoft SQLServer
•Works with vendors and/or in-house development and infrastructure engineering teams to mitigate security issues.
•Performs regular security scans of the infrastructure to ensure compliance with secure baselines.
•Scans infrastructure after all patches or upgrades.
•Works with engineering staff to provide guidance on mitigating security issues on the platform
•Works with Information System Security Officers (ISSOs) to create System Security Plans, Risk Assessments (RAs), Contingency Plans (CPs) and Contingency Plan Test Results (CPTRs) based on Federal Information Security Management Act (FISMA) and DHS guidance.
•Supports ISSOs and Primary Certifiers (PCs) during the C&A process to manage all Plans of Action and Milestones (POAMs).
•Works with the Security Operations Center (SOC), as part of the Incident Response Team, as needed, to assist with security incidents.
•Identifies and implements solutions based on client needs. Informs client management of appropriate developments in technical support products.
•Provides technical leadership to internal and external personnel with regards to infrastructure security.
•Mentors and provides guidance to less experienced personnel on security-related matters.
•Evaluates security products and upgrades for appropriateness of cost and compatibility. Oversees and implements security system upgrade strategies.
•Implements security solutions and refines procedures as appropriate.

Skill Requirements:

•Must have a working knowledge of most or all of the infrastructure components listed above
•Must have hands-on experience with multiple scanning technologies across all layers of the infrastructure
•Must be experienced with implementing the security controls documented in NIST 800-53 – Recommended Security Controls for Federal Information Systems and Organizations; Rev.3 preferred
•Must have experience supporting the C&A process
•Familiarity with DHS Secure Baselines is a big plus

Professional Requirements:

•Professional consulting experience and background required; Federal Government experience strongly preferred
•Proven strong innovative and analytical ability with extensive implementation experience
•Must be a team player and have excellent written and oral communication skills
•Must have a B.S. in Computer Science or related area of study and be eligible to work in the United States
•Must be fully competent to work under general direction on complex projects usually on specific assigned projects, issues and problems. Several projects will usually be active at the same time, so the ability to multitask is essential to success for this position

CLEARANCE: Candidates should be US Citizens and will be required to undergo a security background investigation for this work.

Submit Resume