Location ARLINGTON

The selected candidate will support the assigned government project manager with a broad range of technical and management activities in support of the department’s cloud security program. The ideal candidate will have several years of documented experience in both technical implementation and management of Cloud Security best practices.

REQUIRED KNOWLEDGE, SKILLS, AND EXPERIENCE
– Implementing and managing Cloud Access Security Broker (CASB) products and capability
– Build and manage application access policy, proxy settings
– Scripting/programming experience in Python, PowerShell, and other scripting languages
– Deploy, manage, troubleshoot end user browser proxy agent settings
– Manage API endpoint policy settings, web and proxy settings, IP based restrictions
– Build and manage default and custom DLP, data patterns, device, and mobile policies
– Manage and build processes for responding to incidents, alerts, and end user issues
– Integration experience with O365, ADFS and other SaaS providers
– Integration experience with custom web applications
– Subject matter expert of authentication protocols and security risks, and ADFS and SAML concepts
– Create and maintain operational documentation and reports for trends, analysis
– Provide support in security incident response activities and post-event reviews of security incidents
– Practice automation first, with strong familiarity with automating processes using PowerShell and Python, including use of remote APIs
– Prioritize and respond to latest security alerts, CVEs, and patches
– Respond to security alerts and triage incident response management
– Integrate Security in DevSecOps delivery model, introducing the right DAST and SAST products and stage gates for release
– Build and manage policies on edge and cross network firewalls
– Implement security controls to comply with industry best practices and regulatory controls to improve security postures for all cloud environments
– Responsible for applying cloud security concepts, including identity and access management with multi-factor authentication, and general cloud security tools and knowledge
– Develop and continuously refine alerting rules to improve meaningful operational health and security
– Participate in architecture designing and engineering security solutions for cloud native and hybrid environments
– Identify, configure, and manage security products to maintain cloud security health
– Provide support for baseline security core documentation, e.g., system security plans, contingency plans, configuration management, and other core documents supporting the system authorization package in accordance with DOT guidance
– Understanding of IT governance and management in the federal sector
– Understanding of information assurance, cybersecurity, privacy policies disciplines, methodologies including but not limited to National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), NIST Cybersecurity Framework (CSF)
– Understanding of the Federal Government’s deployment of Information Security Continuous Monitoring (ISCM), the Continuous Diagnostics and Mitigation (CDM) Program, organizational phases and technologies
– Understanding of information assurance, cyber security, privacy policies disciplines, methodologies i.e., Cyber Security and Risk Management Framework(s), Federal compliance standards such as National Institute of Standards and Technology (NIST) 800-53, FIPS, and FedRAMP
– Understanding of Identity, Credential and Access Management (ICAM) implementation
– Ability to work with customers to assess needs, provide assistance, resolve problems, satisfy expectations; knows products and services
– Understanding of the principles, methods, or tools for developing, scheduling, coordinating, and managing projects and resources, including monitoring work, and performance
– Understanding of the principles, methods, and tools of quality assurance and quality control used to ensure a product fulfills functional requirements and standards
– Proficient in Microsoft Office products: Word, Excel, PowerPoint, Visio, Teams, Power BI and SharePoint
– Two+ years of documented experience in the management and administration, including troubleshooting, of cyber tools such as Tenable Security Center, CounterAct, Splunk, and NetSparker
– Knowledge of domain structures, network protocols, user authentication, digital signatures, firewall and security best practices
– Ability and expertise in providing guidance in the design of new application and database configurations and connectivity
– Ability to plan, execute, and develop reports for application and network (internal or external) vulnerability analysis and provide technical recommendations to maintain and improve mission functionality
– Understanding of the principles and methods to configure and/or administer network and security devices such as network firewalls, data loss prevention, network intrusion detection systems, and intrusion prevention systems
– Working knowledge of different operating systems and system services (Windows Server, Linux/Unix, and Active Directory)
– Conducting dynamic web application security testing, both manual testing and utilizing application security tools to discover exploitable vulnerabilities
– Understanding of vulnerability application and database security assessment, scanning and results interpretation

REQUIRED CERTIFICATIONS

Relevant industry certifications are a positive and should be in line with industry standards.

EDUCATION

Bachelor’s Degree with eight (8) years of experience supporting the above areas.

CLEARANCE

US Citizenship and Public Trust clearance required. Background check will be performed prior to the start of work.

 

Indev encourages you to submit your resume to resumes@indev.com