Revel IT

Our client has a contract-to-hire opportunity for a mid-level InfoSec Engineer with experience providing system security engineering services to ensure secure, reliable, and uninterrupted availability of customer systems and networks. The engineer will support the development, implementation, and management of NIST 800-53 and ISO 27001:2022-compliant information systems, and will collaborate with cross-functional teams to implement robust security architectures, maintain compliance with regulatory standards, and continuously improve the security posture of the organization’s systems.

 

  • All work is to be performed remotely; however, the candidate must be physically located in the United States.

 

Position Description:

  • Execute a Continuous Monitoring plan for NIST 800-53 moderate impact information systems.
  • Assess and implement security controls to protect customer-facing applications and their underlying infrastructure.
  • Provide technical guidance on the implementation of required security controls.
  • Conduct regular security compliance audits and vulnerability scans to identify and manage risk.
  • Develop and maintain security documentation, including system security plans (SSPs), risk assessments, and compliance reports in alignment with ISO 27001:2022 and NIST 800-53.
  • Work closely with Cloud Engineering teams to ensure security best practices are integrated into all customer application deployments.
  • Collaborate with stakeholders to ensure compliance with ISO 27001:2022, NIST 800-53, and organizational security requirements.
  • Participate in the preparation and successful completion of audits and certifications related to ISO 27001:2022 and NIST 800-53.
  • Respond to security alerts and participate in the incident response process.
  • Develop and interpret security architectures, data flow diagrams, and publications that depict the system(s) architecture.
  • Work with the ISSO to review and update the Plan of Action and Milestones (POA&M).
  • Support Disaster Recovery and Incident Response testing/validation exercises.

 

Education & Qualifications:

  • Bachelor’s degree in information security, computer science, or a related field.
    • Relevant work experience can be substituted for education.
  • Relevant industry certifications such as CISSP, SSCP, CCSP, or PECB ISO 27001 Implementer.
  • 5+ years of experience in information security
  • 2+ years of experience with securing cloud-based systems (preferably in AWS)
  • 2+ years of experience securing Kubernetes or OpenShift environments
  • Experience running SCAP scans and interpreting the results (OpenSCAP, SCAP Compliance Checker, STIG Viewer)
  • Knowledge of basic network topology (IPv4, DNS, subnets, gateways, routing tables, load balancers)
  • Experience with Vulnerability and Compliance Scanning using Tenable Vulnerability Management (formerly Tenable.io) or Tenable Security Center.
  • Experience with SIEM Administration and Operation
  • Experience with operating and securing both Windows and Red Hat Enterprise Linux (RHEL) operating systems.
  • Knowledge of Identity and Access Management concepts including single sign-on
  • Experience with operating and securing AWS resources (EC2 instances, S3 buckets, Users)
  • Technical and analytical writing skills
  • Strong communication and organizational skills
  • Must be able to multi-task and work independently while contributing effectively towards team objectives.

 

Desired Education, Knowledge, and Credentials:

  • AWS specific certifications such as AWS Certified Security – Specialty or AWS Certified Solutions Architect.
  • Kubernetes/OpenShift specific certifications such as Certified Kubernetes Administrator (CKA) or Red Hat Certified OpenShift Administrator
  • General/conceptual knowledge of Maximo software
  • General/conceptual knowledge of TRIRIGA software
  • General/conceptual knowledge of WebSphere, DB2, and Oracle

To apply for this job please visit www.revelit.com.