Website Authenta Tech Solutions

Powered by Innovation. Driven by Security. Designed for Tomorrow.

Full Time

OVERVIEW

Authenta Tech Solutions – a Cybersecurity and IT-based consulting firm that specializes in providing security solutions to federal, state, local, and commercial customers nationwide – is hiring a full-time ISSE.

Authenta Tech Solutions is a certified woman-owned, small business that provides full-scope cyber security solutions customized to your organization. With a team of highly trained IT professionals, we hold major industry standard certifications and designations to match our many years of experience. Providing top-quality service is important to us and we prioritize you always. We are on the frontier of using cybersecurity technologies to secure mission platforms and with your organization’s information security and compliance in mind, we utilize our customized processes to align your business operations and governance processes. Our goal is to ensure that your organization’s information system is secure, is compliant with regulatory standards and stays compliant.

General

The Information System Security Engineer (ISSE) will join our team of Cross Functional Cyber Security specialists providing RMF, Security Authorization, Controls Assessment, Change Management, Continuous Monitoring, Vulnerability Management, and Incident Response for our federal client located in Camp Springs, MD. The ISSE will work alongside individuals of varying specialties in Security Engineering, Compliance, and Analysis.

The ideal candidate for this role will have knowledge in Cyber Compliance with NIST 800-53, 800-37, 800-66, and 800-171 and FIPS 199, with additional hands-on experience in Cloud Security with platforms such as AWS, Google Cloud, Azure, etc., and is well-versed in the architecture and design of the respective cloud including associated services, how the cloud interconnects with agencies, and, specifically, how to conduct business within the cloud environment in a secure manner.

This person will support the security engineering activities associated with evaluating, implementing, managing security practices and continued operations of new and existing technologies across the Enterprise. Prior experience or knowledge with Cyber Security Compliance (DHS 4300A, DHS ISSO Guide, FIPS199) is desired.

Responsibilities

  • Cloud Security Activities:
    • Provide technical support for enterprise infrastructure components (network, database, middleware, security and open source code) technology transitions and migrations to cloud services, e.g. Platform as a Service (PaaS), Infrastructure as a Service (IaaS), etc.
  • Risk Management Framework (RMF) Activities:
    • Support all activities as outlined in the NIST SP 800-37, Risk Management Framework for Information Systems and Organizations. This includes the process for managing security and privacy risk that includes information security categorization; control selection, implementation, and assessment; system and common control authorizations; and continuous monitoring.
  • Security Control Assessment Response:
    • Support all assessment activities by responding to interview questions as well as working with the system teams to gather appropriate evidence as directed by the SCA team.
  • Configuration/Patch/Vulnerability Management:
    • Review scan results for the system assets, identify the respective remediation for misconfigurations and weaknesses, and work with the system team to ensure timely implementation of fix.

Additional Responsibilities:

  • Develop briefings and presentations for Government PM and Executive Management
  • Support all Security Authorization Processes, Security Control Assessments and Ongoing Authorization activities as required and as directed by the Federal Government
  • Ensure systems are properly patched and hardened according to DHS requirements
  • Conduct research and analysis on abnormalities and provide recommendations
  • Provide, prepare, and conduct security training, as needed
  • Apply and analyze privacy laws, administrative laws, regulations and policies surrounding the Privacy Act of 1974, the E-Government Act of 2002, or the Homeland Security Act of 2002
  • Experience with controls standards such as NIST 800-53, 800-37, 800-66, and 800-171 as well as other privacy regulations
  • Support security and privacy requirements for internal and external system connections
  • Support proposed collection, sharing, and maintenance of PII through privacy compliance documentation
  • Perform comprehensive document reviews (DR) on all risk management and security operations documentation, in alignment with DHS, Customer, and FISMA requirements
  • Conduct quality assurance checks to ensure that the finished documentation meets DHS, Customer, and FISMA requirements
  • Implement a two (2) day turn around for the following artifacts: FIPS 199, E-Authentication Workbook, PTA, PIA, CP, CPT and a five (5) day turn around for the review of the Security Plan (SP).
  • Establish a mailbox and report tracking mechanism to ensure that the federal staff knows the status of all documents that are in the review process at all times by running a simple report.
  • Revise, edit, or update security authorization documentation and presentations
  • Create, adapt, and follow project schedules and deadlines
  • Develop a thorough understanding of the audience and the documentation required by meeting with colleagues, and working with managers to discuss technical problems
  • Research and build knowledge about products, services, technology, or concepts

Desired Qualifications and Experience:

Must reside within a commutable distance to Camp Springs, MD to work onsite at least 2 days/week when the customer site reopens

  • Security Authorization Documentation: Experience with or Understanding of the FIPS 199, e-Authentication, Privacy Threshold Analysis (PTA)/Privacy Impact Analysis (PIA), Security Plan (SP), Contingency Plan (CP), and Contingency Plan Test (CPT), Interconnection Security Agreement (ISAs) and Memorandum of Agreement/Understanding (MOA/Us) and any other FISMA-related security documentation.
  • Change Management: Experience reviewing change requests for potential impact to the system security posture.
  • Continuous Monitoring: Experience conducting audit log and account management reviews and update the Control Allocation Table and Trigger Accountability Log.
  • Incident Response: Experience working with Security Operations Center (SOC) and system teams to investigate and analyze any incidents affecting assigned system(s).

Additional Qualifications

  • Conduct Risk Analysis on vendors, cloud service providers, etc. as necessary to identify flaws, threats and risks in emerging IT projects, and develop technical in-depth engineering solutions to address and mitigate these risks
  • Excellent customer service, analytical, problem solving, team-building, and interpersonal skills
  • Ability to work independently and function as an integral part of the team
  • Excellent oral and written communication skills; technical and business focused, with the ability to document and describe security process information collected
  • Listening skills, the ability to detect explicit and implicit needs and wants
  • Demonstrated ability to exercise good judgment, prioritize multiple tasks, and problem solve under pressure of deadlines and resource constraints
  • Advanced Microsoft Excel and Access skills to perform extensive data mining, correlation, and reporting
  • Experience working with or knowledge of NIST SP 800-53, RMF, FISMA, DHS and DoD policies
  • Listening skills, the ability to detect explicit and implicit needs and wants
  • Demonstrated ability to exercise good judgment, prioritize multiple tasks, and problem solve under pressure of deadlines and resource constraints
  • Ability to work independently and function as an integral part of the team
  • Strong analytical and problem-solving skills
  • Demonstrated interviewing and negotiation skills applicable to identifying, defining, and evaluating requirements
  • Deep understanding of Security Regulations, such as the NIST Publications and OMB Security related documents
  • Ability to work on high priority ad hoc requests such as data calls, Senior Management Initiatives (CIO, CISO, etc.), customer mandates, etc.

Clearance Required:

  • Must be a US Citizen able to obtain a Federal agency-specific clearance prior to starting

Baseline Certification:

  • Must have and maintain at least one active certification such as CASP, GSEC, GSLC, CISSP, CEH, CISM, and CISA, or other comparable certification which must be approved in advance by our customer; Proof of certification is required

Education/Years of Experience:

  • Bachelor’s Degree
  • 5+ years of experience in the following:
    • Managing IT projects and programs, or specialized experience in one of the below positions: Information Systems Security Officer, Information Systems Security Engineer, Information Systems Security Auditor or Information Systems Security Manager
    • Security Engineering or Security Operations
    • Analyzing, assessing and implementing corrective actions based on vulnerability management tools
  • Cloud Security experience in at least one of the following platforms: AWS, Google Cloud, and/or Azure
  • Demonstrated proficiency in vast array of Cyber Security platforms: Standard Application Online (SAO), Security Information and Event Management (SIEM), Intrusion Detection System (IDS)/Intrusion Protection System (IPS), Data Loss Prevention (DLP), Web Application Firewalls (WAF), Threat Intel, Endpoint Security
  • Experience in security process mapping, security process analysis, security process improvement concepts, models, and best practices
  • Experience preparing documentation and materials to support the operations of FedRAMP compliance requirements throughout the organization
  • Experience working in an Agile environment and provide quality, professional deliverables in a short timeframe with little to no guidance from the Government
  • Experience providing technical security solutions and control implementation recommendations to the Agile Development teams based on industry best practice and Federal requirements
  • Experience supporting multiple high-volume project assignments

 

AUTHENTA TECH SOLUTIONS COMPANY BENEFITS

  • Health insurance.
  • Dental insurance.
  • Vision
  • 401K.
  • 11 days of personal leave plus paid federal holidays.
  • Professional development and training assistance.

Authenta Tech Solutions, LLC is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.

PERSONAL INFORMATION

EMPLOYMENT ELIGIBILITY

EDUCATION

EMPLOYMENT HISTORY

CERTIFICATIONS/LICENSES

REFERENCES

VOLUNTARY DISCLOSURE

*If you are a qualified individual with a disability or are a disabled veteran, and are unable or limited in your ability to use or access our online application as a result of your disability, you have the right to receive assistance in completing the application process. Please contact our Recruiting Department at 888.ATS.7171 ext.700 or info@authentatechsolutions.com to let us know how we might be able to accommodate you.

MILITARY SERVICE

BACKGROUND CHECK CONSENT

HOW DID YOU HEAR ABOUT US?

RESUME ATTACHMENT

Upload your CV/resume or any other relevant file. Max. file size: 5 MB.
Upload your cover letter. Max. file size: 5 MB.

DISCLOSURE OF INFORMATION

Please read the following information carefully. If you understand and agree, check the box to the left to indicate your agreement. I authorize all persons listed both within this application and on any accompanying resume to give Authenta Tech Solutions, LLC any and all information concerning my previous employment, education, and any pertinent information that they may have, personal or otherwise, and release all parties, such persons and Authenta Tech Solutions, LLC, from liability for damage that may result from furnishing same to Authenta Tech Solutions, LLC. If employed by Authenta Tech Solutions, LLC, I agree to abide by the policies and procedures of the Company. I acknowledge that if hired, I will be an "at-will" employee. I will be subject to dismissal or discipline without notice or cause, at the discretion of Authenta Tech Solutions, LLC. I also understand that this means I am free to quit my employment at any time, for any reason without notice. I understand that no representative of the Company, other than the CEO of Authenta Tech Solutions, LLC, has the authority to change the terms of the "at-will" relationship and that any such change can occur only in a written employment contract. I understand that Authenta Tech Solutions, LLC may obtain a consumer and/or investigative report for employment purposes that may include information regarding prior employment, work experience and performance, reasons for employment termination, and information as to character, general reputation, personal characteristics, or mode of living. The report may also contain a records check of driving, criminal, credit, education, degrees, professional licenses, and/or certification records depending on the position. By signing this application, I authorize the procurement of a consumer and or investigative report by Authenta Tech Solutions, LLC as part of the pre-employment background investigation and if hired, at any time during my employment. I understand and agree that, subject to applicable law, I may be required to take a drug and alcohol screening test. I hereby give my voluntary consent for a blood and/or urine sample to be collected from me and submitted for testing. I also consent to the release of the test results to Authenta Tech Solutions, LLC. I understand that any positive drug or alcohol result may preclude my employment. Authenta Tech Solutions, LLC will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with Authenta Tech Solutions, LLC' legal duty to furnish information. Prior to my beginning work with Authenta Tech Solutions, LLC, I will be required to complete Form I-9, certifying my eligibility to work in the United States. I hereby affirm that the information provided on this application and accompanying resume, if any, is true and complete to the best of my knowledge. I also agree that falsification or significant omission of information requested in this application, or in the application process, may disqualify me from further consideration for employment and may be considered justification for dismissal if discovered at a later date. I understand that Authenta Tech Solutions, LLC is a federal contractor and an Equal Opportunity Employer committed to excellence through diversity. Applicants are considered for all positions without regard to any protected class under applicable law. In order to ensure this application is acceptable, please print or type with the application being fully completed in order for it to be considered. I am invited to complete the optional self-identification fields used for compliance with government regulations and record-keeping guidelines. Submission of this information is voluntary and I am not subject to any adverse treatment if I do not provide it. This is an Equal Opportunity Employer and I, the Applicant, certify that my answers are true and honest to the best of my knowledge. If this application leads to my eventual employment, I understand that any false or misleading information in my application or interview may result in my employment being terminated.

Pin It on Pinterest

Share This