• Information Security/Assurance Engineer

    Job Locations US-WV-Fairmont
    # of Openings
  • Qualifications

    • Bachelor’s Degree in IT/Computer Science with over 5 years of experience in security engineering and analysis
    • Ability to develop scripts and code for vulnerability assessments and scanning
    • Familiarity with biometric systems and ABIS
    • Security+ is required
    • CISSP or CEH is a plus
    • Familiarity with a variety of the IT security field’s concepts, best practices, policies, and procedures.
    • Extensive experience in network, database and web application security.
    • Working knowledge of NIST 800-53 controls, RMF, DIACAP, ISO 27000.
    • Working knowledge of vulnerability scanning and monitoring.
    • In depth knowledge of application, data, and web security.
    • Deep understanding of TCP/IP internetworking principles.
    • Familiarity with various web application attack methods including: DDoS, buffer overflows, brute force techniques, among others


    Job Description:
    • Implement and document analysis, testing, and evaluations activities necessary to ensure that the systems and networks obtain and maintain full accreditation with NIST 800-53 controls and RMF standards
    • Perform patch management and execute system vulnerability scans and anti-malware software using approved processes.
    • Use approved tools to collect IAVAs, determine which are relevant to ABIS systems, categorize them in terms of severity, prioritize them on the watch-list based on category, schedule patches based on priorities but no less frequently than monthly, verify system logs that patches were installed correctly, and support system scans to verify the remediation.
    • Implement industry standard operating system and application hardening practices, including strong user access controls and authentication, robust roles and privileges management, disciplined patching and scanning, firewall and boundary protection, and IDS/IPS capabilities.
    • Conduct system assessments and the development/implementation of a continuous monitoring program, configuration changes, policy compliance as well as user and network activity auditing.
    • Develop and implement a Continuous Diagnostics and Mitigation (CDM) plan to assess the CS posture of all ABIS systems, and ensure compliance with FISMA standards, and address evolving threats.
    • Ability to periodically perform vulnerability assessments and penetration testing to secure systems and networks
    • Support Incident Response/Disaster Recovery - containment, assessment, and risk remediation techniques
    • Support holistic and integrated Cybersecurity approach ensures information confidentiality, integrity, and availability of AABIS/IABIS systems


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed