IT Security Engineer

Job opening ID

Posting title
IT Security Engineer

Roles and responsibilities
Must be US Citizen and Registered for Selective Service
Ongoing contract position
W2 with full benefits
Must be able to pass background check and drug screen

Job Description:
Provides expert consultation in one or more areas for the design, development and implementation of technical products and systems. Selectee will be recognized as technical leader and resource. Must be prepared to recommend alterations and enhancements to improve quality of products and/or procedures. Responsible for all internal activities and product development. Will be expected to demonstrate expertise in a variety of the field's concepts, practices, and procedures, and will rely on extensive experience and judgment to plan and accomplish goals. Performs a variety of tasks, e.g., provide consultation on complex projects as the top level contributor/specialist. A wide degree of creativity and latitude is expected. May report to an executive or a manager.

The IT Security/POAM engineer will manage and implement IT based safeguards for the NOAA computer systems and networks. The selectee will responsible for planning and carrying out security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks. To accomplish their primary goal of protecting computer systems and networks, the IT Security Engineer must have experience in the following areas: 
•Risk Management Framework 
•Plans of Actions and Milestones (POA&Ms) 
•Vulnerability Scanning/Analysis/Reporting 
•Security Controls Assessment (SCAs) 
•Security Audits 
•Penetration Testing 
•Security Engineering 
•Security Solution Architecting 
•Systems Development Life Cycle (SDLC) methodologies
•Advanced Analytics 
•Qualified Information Assurance Technical (IAT), IA Management (IAM), and IASAE

Required Skills:
1.5+ years experience using NIST 800-53, NIST 800-53A, and Federal Assessment & Authorization (A&A) processes. 
2.Current Certified Information Systems Security Professional (CISSP) Certification. 
3.Advanced Microsoft Excel to automate generation of bars, graphs, and charts from raw security data. Example data sources include security logs, network monitoring tools, system logs, and data exports from CSAM and other tools.  
4.Programming experience in at least one of the following languages or scripting tools: Python, Java, JavaScript, C++, or C#. 

Number of positions