security engineer

information assurance engineer maryland Aberdeen

April 16, 2019 by Leave a Comment

check me out on:
https://securitycompliance.thinkific.com

the Job:
Job Title: Information Assurance Engineer
Location: Aberdeen, MD
Position Type: Full Time

Clearance: Minimum Interim Secret

Must Have IAT Level 3 Certification.

Job Description:
Provides security engineering designs and implementation in all aspects of Information Assurance and Information Security (InfoSec) Engineering.
Assesses and mitigates system security threats/risks throughout the program life cycle; validates system security requirements definition and analysis; establishes system security designs; implements security designs in hardware, software, data, and procedures;
verifies security requirements; performs system certification and accreditation planning and testing and liaison activities, and supports secure systems operations and maintenance.
Mandatory Skills:
Demonstrated experience performing IA activities in support of software and system requirements, design, development, testing and sustainment
Experience with employment of IA requirements, policies, and processes to include authorization and accreditation as part of the RMF process
Experience with risk and vulnerability assessments and mitigation
Demonstrated ability to provide guidance on Intelligence Community (IC) Cyber/IA regulations and requirements to senior customers, senior LM leaders, and the program engineering staff
Experience with Security Information and Event Management (SIEM) correlation tools, Scanning (Nessus), and Host Based
Security System (HBSS)
Please provide the following information
Rate Expectation:
Full Name:
Contact No:
Alternate contact (if any):
Email address:
Current Location:
Relocation:
Availability:
Visa status

Kindly share your detailed resume at zoeyw@etalentnetwork.com

If you are qualified and interested in making a change or know of a friend who might have the required qualifications, please call me ASAP at (877) 733-3555 Ext.267, even if we have spoken recently about a different position. If you do respond via e-mail please include a daytime phone number so I can reach you. In considering candidates, time is of the essence, so please respond ASAP. Thank you.

Sincerely yours,
ZoeyWest
E TalentNetwork

Home

8251 Greensboro Drive, Suite 250
McLeanVA
zoeyw@etalentnetwork.com
(877) 733-3555 Ext.267

Security Engineer – Foster City, CA

January 26, 2016 by Bruce Brown Leave a Comment

9to9 Software Solutions is looking for Security Engineer for our client in Foster City, CA.

Client: Gilead Sciences

Title: Security Engineer

Duration: 12+ Months

Location: Foster City, CA

Someone who is in the operational side of the security space.
Must have great communication and have worked on security projects.
Must have 3+ years experience using Nexpose and ArcSight.

Main Requirements:

· Someone who can run Nexpose for us day to day (fairly operational work).

· Can help us build ArcSight ESM content.

· Take care of ArcSight related operational tasks.

· Been in the security space for 5+ years.

· Great communication skills.

security engineer

January 22, 2014 by Bruce Brown 1 Comment

System Security Engineer is a critical job in the cyberspace workforce. As information technology has become a centerpiece for our lives, the security of IT has been more and more in demand. A security engineer is expected to have a working understanding of IT enough to be able to strike a balance between operational functionality and application security controls.

System Security Engineer (ISSE, CSSE, SSE I/S Security Engineer) actually can mean anything.. So you actually need to read the job description. But in this post, I am referring to SSE from the perspective Risk Management and DIARMF.

DIARMF Select balance — DIARMF
blog.eircomforbusiness.com/profile/Andy (andy O’Kelly, eircomforbusiness.com)

And Risk Management SSE needs to be savvy enough with the operational needs and security needs to balance the risk. While a security engineer does not take risks of the organization they work for, they do consult the decision makers that do take risks.

Many security engineers are not hands on. Meaning they might not touch the servers or configure routers, but they must know enough to orchestrate the over all security of the organization or system they are assigned to.

System Security Engineering Tasks

I have been in system security engineer positions where I did have hands-on tasks working directly with the system administrators and I have had some where I rarely even seen the systems that I wrote system security plans for.

System Security Engineers do consultation where they are working directly with information owners, project managers, information system security managers or technical security practitioners to come up with the most cost effective strategy for applying security controls with a certain level of effort within a certain time constraint. A good security engineer understands all these factors and make sure the decision makers are well informed. As an SSE the last thing you want to do is a prima madonna and attempt to put security beyond the scope of the operational mission. And don’t be a hero, even if you really care about the mission you must ALWAYS remember the risk is not yours to bear and neither is the decision of what security controls (if any) will be applied.

Tasks of a system security engineer

System security engineers do system security related documentation such as system security plans, plan of action and milestones, security assessment reports and other supporting documentation.

A day in the life of a system security engineer might consist of attending configuration management meetings, meeting with system administrators to address new challenges, writing authorization packages, coordinating with other units to complete an authorization package, reading the latest change to a regulation or organizational standard, WRITING an organizational standard and in some cases they are actually doing security administration on some system.

CYBER System Security Engineer (CSSE)

With Dod 8140 and the cyber-ization of the every goddamn thing! I believe the new term will be CYBER System Security Engineer (CSSE) and in the past it was commonly refer to as an Information System Security Engineer (ISSE).

As stated above and SSE can be just about anything computer security related. I have been a SSE and done nothing put paperwork but also been an SSE and done mostly installations of system security controls. My former co-worker just got a position as an Information System Security Engineer (I/SE) and he will be doing all ArcSight admin stuff.