200964 - Product Security Engineer 4
Industry
IT
Region
TX-Texas
City
Richardson
State
TX
Rate
$DOE
Duration
12 months
Description


Chipton-Ross is seeking a Product Security Engineer 4 for a contract opportunity in Richardson, TX.

This position is 100% onsite.

RESPONSIBILITIES:
Analyze customer and regulatory information system security requirements and decompose them into system security design specifications.

Directly contact the customers and lead engineers to ensure that security requirements are crafted into the products and evaluated for efficiency.

Perform as the key system security focal throughout the phases of the DevSecOps framework.

Develop IT architecture deliverables, specific to information security countermeasure implementations, for operational systems and systems under development.

Provide technical cyber security engineering guidance to IT Administrators, System Architects, Systems Engineers, and Software Developers.

Provide system security engineering guidance on the design and implementation of technical policies for user/computer groups and network devices.

Responsible for the design and implementation of security systems across the entire organization's networks, including IDS, firewalls, log capture, host based protections, vulnerability scanning tools, etc.

Conduct assessments of existing IT architecture for compliance with security requirements from applicable security frameworks.

Assess networks/applications/systems and identify vulnerabilities, reporting results to ISSO/IT.

Provide ISSO and IT administrators with system security level expertise to assist with the gathering/securing of data to support incident investigation and response.

Assist ISSO in monitoring, interpreting, and reacting to security device outputs, create documentation in support of authorization/accreditation packages, and deploy security policies, standards, and guidance.

REQUIRED EXPERIENCE:
DoD 8570.01-M IAT Level III Certification (e.g. CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CCSP); and IASAE Level II (e.g. CASP+ CE, CISSP (or Associate), CSSLP)

3 or more years of experience with the implementation of security controls IAW DoD Risk Management Framework (RMF)

Experienced with evaluating and refining customer security requirements

1 or more years of experience with common DoD vulnerability and compliance assessment tools (e.g. SCAP, STIGs, ACAS) and processes

Experienced capturing/detailing system security designs throughout the System Development Lifecycle (SDLC) process (e.g. System Diagrams, System Security Plans, Hardware Baselines, Software Baselines, Network Diagrams, Security Controls Traceability Matrices, Standard Operating Procedures, etc.)

Experienced in security control test plan development and execution

Ability to work independently, actively participate on integrated teams, and lead a task, project, or small team. Requires guidance and direction from more senior level technicians, specialists, and managers only when taking care of new, uncertain situations. Provides mentorship to lower level technicians and specialists.

Experienced working in a customer facing role implementing Information System Security Vulnerability Assessments, to include conducting customer out briefs and generating reports.

Experienced in working with multiple technologies; strong working knowledge of RHEL 7 and above, and/or CISCO IOS/NXOS, and/or Windows server 2016 SHB and above, and/or DoD Windows 10 SHB.

Experienced creating system security implementation solutions against customer requirements.

PREFERRED DESIRED QUALIFICATIONS:
Experienced with installation and configuration of McAfee ePO and DoD required endpoint products.

Experienced with installation and configuration of Splunk Enterprise; to include creation of Apps and Dashboards to audit analysis specifications.

Experienced in Group Policy Management and implementation.

Experienced in multiple scripting languages (e.g. PowerShell, Python, Bash, etc.)

Experienced with Agile development within a DevSecOps environment.

EDUCATION:
Accredited education (e.g. Associate) and typically 6 or more years' related work experience or an equivalent combination of education and experience (e.g. Bachelor+4 years' related work experience, 8 years' related work experience, etc.).

3 or more years of experience with the implementation of security controls IAW DoD Risk Management Framework (RMF)


WORK HOURS:
Full-Time
1st Shift

Employment will be contingent on clearing a drug screen and background check. Both must clear prior to start date.

Contact
Taj Johnson
tjohnson@chiptonross.com
CHIPTON-ROSS, INC.
420 Culver Boulevard
Playa Del Rey, CA 90293

Phone: (310) 414-7800 x283 or (800) 927-9318 x283

Candidates responding to this posting must currently possess the eligibility to work in the United States. No third parties please.

Employment will be contingent on candidate clearing pre-employment drug screen and background check.

Chipton-Ross provides equal employment opportunities to all employees and applicants for employment without regard to race, color, creed, religion, national origin, sex (including pregnancy), age, disability, sexual orientation, gender identity and/or expression, protected veteran status, genetic information, or any other characteristic protected by Federal, State or local law. This policy governs all areas of employment at Chipton-Ross, including recruiting, hiring, training, assignment, promotions, compensation, benefits, discipline, and terminations.