System Engineer, Novul Solutions, Annapolis Junction, MD
Novul Solutions -
Annapolis Junction, MD,
US
System Engineer
Date Posted: 2024-05-08
Job description
Job Description
Seeking a System Engineer to support its government customer in Annapolis Junction. Perform or review, technical security assessments of computing environments to identify points of vulnerability, and non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies. Support security authorization activities in compliance with NSA/CSS Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF).
Location: Annapolis Junction, MD
Work Model: Onsite
Requirements
Clearance: Top Secret SCI Full Scope Polygraph Clearance.
Certifications: Certified Project Management Professional (PMP), Certified Systems Engineering Professional (CSEP), IEEE Risk Management for Engineers Certification
Candidate Requirements and Experience:
Relevant Requirements and Demonstrated Experience:
This is a full-time position and requires a Top Secret SCI Full Scope Polygraph Clearance.
Benefits
Core Benefits:
Health Benefits:
Quality of Life Benefits:
Special Benefits:
Seeking a System Engineer to support its government customer in Annapolis Junction. Perform or review, technical security assessments of computing environments to identify points of vulnerability, and non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies. Support security authorization activities in compliance with NSA/CSS Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF).
Location: Annapolis Junction, MD
Work Model: Onsite
Requirements
Clearance: Top Secret SCI Full Scope Polygraph Clearance.
Certifications: Certified Project Management Professional (PMP), Certified Systems Engineering Professional (CSEP), IEEE Risk Management for Engineers Certification
Candidate Requirements and Experience:
- Work in a team environment that manages security assessment, security compliance, change management, and continuous monitoring activities across 5 cloud service providers (Amazon Web Services, Google Cloud, Oracle Cloud, Microsoft Azure, and IBM Cloud) through the Sponsor's office.
- Assess cloud security technologies for security gaps and weaknesses according to industry standards.
- Analyze security scan findings and perform risk analysis on security scan findings.
- Review cloud security body of evidence packages for completeness and accuracy.
- Collaborate with other internal components and security peers to determine the security and potential weaknesses of cloud infrastructure and cloud services.
- Advise Sponsor leadership on cloud security services.
- Analyze system alerts to determine if a security weakness exists and document risk mitigation procedures.
- Sustain and evolve the Sponsor's standard operating procedures to meet Program Objectives.
- Facilitate technical exchange meetings (TEMs) with cloud service providers to review cloud service architectures.
Relevant Requirements and Demonstrated Experience:
- Experience facilitating TEMs with cloud service providers to review cloud service architectures.
- Experience maintaining assessment and authorization (A&A) packages across multiple services or systems in accordance with FIPS-199, NIST 800-53, and CNSS 1253 requirements.
- Experience designing, implementing, assessing or reviewing systems that utilize cloud technology with either Amazon Web Services, Oracle Cloud, Google Cloud, IBM Cloud, or Microsoft Azure cloud architecture.
- Experience utilizing or reviewing cross domain technology and common architecture designs.
- Experience consulting project teams on system architecture and security posture.
- Experience with continuous monitoring requirements to include scan analysis for critical or high findings with common scan tools such as Rapid 7, Nessus, and Qualys.
- Experience creating, monitoring, or closing system or service Plans Actions and Milestone items (POA&Ms).
- Experience utilizing compliance tools to track assessment and authorization activities such as Xacta 360, Risk Vision, RSA Archer.
- Experience with the common control provider concept within the NIST Risk Management Framework.
- Experience with security control assessments to include working with SCAs and preparing security packages for SCAs.
- Experience conducting information system security engineering activities.
This is a full-time position and requires a Top Secret SCI Full Scope Polygraph Clearance.
Benefits
Core Benefits:
- Paid Time Off (PTO): Accrued Semi-Monthly, commensurate with experience.
- Holidays: 7 Standard Holidays + 4 Floating Holidays (Employee Choice).
- Payroll: Paid Semi-Monthly on the 7th and 22nd. Direct Deposit Available.
- 401(k): 100% match on contributions up to 4% through VANGUARD; immediate vesting. Plus, 0% to 4% Profit Sharing at year-end.
- Reward & Recognition Programs: Participation in Employee Referral and Bonus Programs.
Health Benefits:
- Medical Coverage: Choice of HMO and POS Coverage by BCBS CareFirst. HMO Plan covers employees and their families at 100%.
- Dental & Vision Coverage: Provided at no cost to the employee by Delta Dental and VSP.
- Life Insurance: $100,000 coverage per employee at no cost, with additional options.
- Long-Term Disability: 60% of base monthly earnings up to $10,000/month.
- Short-Term Disability: 60% of weekly salary up to $2,000/week.
Quality of Life Benefits:
- Mobile Phone Allowance: $75/Month
- Internet Access Allowance: $50/Month
- Grooming Allowance: $50/Month
- Fitness Allowance: $600/Annually
- Professional Association Memberships: $350/Annually
- Wellness Challenges: Amazon Gift Cards for Successful Completion.
Special Benefits:
- Annual Corporate Trip: Travel and lodging for eligible employees and their families.
- Tuition Reimbursement: Support for continued learning up to $5,000 annually.