IT Security Engineer

Job opening ID


Posting title

IT Security Engineer

Roles and responsibilities

Must be US Citizen and Registered for Selective Service
On going contract position
W2 with full benefits
Must be able to pass background check and drug screen

Job Description:
Provides expert consultation in one or more areas for the design, development and implementation of technical products and systems. Selectee will be recognized as technical leader and resource. Must be prepared to recommend alterations and enhancements to improve quality of products and/or procedures. Responsible for all internal activities and product development. Will be expected to demonstrate expertise in a variety of the field's concepts, practices, and procedures, and will rely on extensive experience and judgment to plan and accomplish goals. Performs a variety of tasks, e.g., provide consultation on complex projects as the top level contributor/specialist. A wide degree of creativity and latitude is expected. May report to an executive or a manager.

The IT Security/POAM engineer will manage and implement IT based safeguards for the NOAA computer systems and networks. The selectee will responsible for planning and carrying out security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks. To accomplish their primary goal of protecting computer systems and networks, the IT Security Engineer must have experience in the following areas:
•Risk Management Framework
•Plans of Actions and Milestones (POA&Ms)
•Vulnerability Scanning/Analysis/Reporting
•Security Controls Assessment (SCAs)
•Security Audits
•Penetration Testing
•Security Engineering
•Security Solution Architecting
•Systems Development Life Cycle (SDLC) methodologies, and
•Advanced Analytics
•Qualified Information Assurance Technical (IAT), IA Management (IAM), and IASAE

Required Skills:
• Working, designing, and implementing a Security Operations Center (SOC), and using the tools and processes utilized in an effective SOC and/or Penetration Testing using HP WebInspect
• Familiarity with NIST 800-53, NIST 800-53A, and Federal Assessment & Authorization (A&A) processes
• Advanced use of Microsoft Excel to automate generation of bars, graphs, and charts from raw security data
• Business case analyses, trade-off-analyses, cost estimating, and executive level briefings using Microsoft PowerPoint (advanced level)
• Programming and/or scripting experience in at least one of the following languages: Python, Java, JavaScript, C++, or C#
• Current Certified Information Systems Security Professional (CISSP) Certification

Requires a BS in a related field with 10 years of experience, or and MS in a related field with 8 years of experience.

Number of positions