Information Assurance Lead bei Karsun Solutions, LLC

Summary

As a Lead Security Engineer, you will contribute to improving the overall security posture of the organization by implementing, upgrading and monitoring security measures for the protection of computer networks and information.  In collaboration with Security Engineering and Operations, you will develop, review, and implement security strategies and best practices.

What You'll Do:

• Ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. May respond to computer security breaches and viruses.
• Ensure integration of security solutions, as the security SME and liaison with the customer ISSO/ISSM
• Determine security requirements for cloud platform services and components
• Conduct system security and vulnerability analyses, and risk assessments
• Evaluate security aspects of solutions proposed by project teams and provide guidance accordingly.
• Architect security solutions and manage frameworks, for AWS and on-premises infrastructure and services
• Provide guidance to product owners and DevOps teams in adoption of security best practices
• Create and maintain information security documentation including SSPs, documentation packages for environment ATOs, discussions with security teams and strategic and tactical issue resolutions
• Identify and evaluate emerging security technologies

Required Qualifications:

• Requires a Bachelor’s Degree in cybersecurity, information systems, business systems, management information systems, IT Management, or other IT degree and a minimum of 10 years of relevant experience Engineering, math, and/or science degrees are acceptable substitute degrees.
• 10+ years of related professional experience including:
• 6+ years of experience with core cybersecurity architecture
• 2+ years of experience managing FISMA compliance for large systems with active experience in working with NIST standards, DISA/STIG standards, creating and maintaining required information security documentation.
• 2+ years of experience working with NIST Special publications, FIPS, FISMA guidelines, OMB Mandates and FEA Security guidelines and FedRAMP security specifications.
• 1+ year of AWS based Cloud security constructs, services and tools working experience
• Experience with the NIST Risk Management Framework (RMF) requirements, processes, and procedures.
• Demonstrated experience in a DevSecOps environment.
• Demonstrated experience in government or industry leading enterprise-level cyber security efforts involving architecting, designing, development, and configuration of cloud and on-premise based systems and software.
• Experience implementing and maintaining security controls; providing guidance, oversight, and expertise; and developing security documents to secure and support an ATO.
• Demonstrated experience in supporting all system A&A activities.
• Knowledge of SDLC with experience in Agile methodologies
• Require one or more cybersecurity certifications (examples below):
• CAP
• CISSP
• GSEC
• GICSP
• CCSP 
• CISA
• CISM
• GSLC
• Ability to obtain and maintain a Public Trust clearance

The proposed salary range for this role is $****** to $******* USD. The salary range provided is a good faith estimate representative of all experience levels. Karsun considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate’s work experience, location, education/training, and key skills.