---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Security Engineer
Location: Chantilly, Virginia, United States
Type: Permanent F/T
Closing Date: 2007-03-08
NYTOR, Inc.
Position Description
Position Title: Security Engineer
Supports: Various
Reports To: Manager, Information Assurance Group
Labor Category: Engineer
FLSA Status: Exempt
Employment Category: Full-Time Regular
POSITION PURPOSE:
The Security Engineer serves as the point of contact for documentation needs
concerning security-related matters (both Defense Information Technology
Security Certification and Accreditation [DITSCAP] and Federal Information
System Management Act [FISMA] certification and compliance verification
contract activities, acting as liaison to engineers and other subject matter
experts to convey technical concepts. This includes documenting security
practices as well as deliverables as appropriate.
DUTIES:
Under general supervision of the Information Assurance Mgr, responsible for the
overall security and integrity of organizational electronic data, data systems
and data networks. Designs and administers programs to include policies,
standards, guidelines, training programs and a viable quality assurance process
for disaster recovery. Oversees and reviews the testing and implementation of
software, data systems and data networks to ensure that the integrity and
security of all electronic data and data systems are adequately protected.
Oversees and facilitates the preparation of an organization-wide business
continuity plan. Responsible for day-to-day security administration of the
organization’s data systems and data networks including systems access
administration. Typically requires five or more years of Windows based
administrator experience with at least one year specialization in security
engineering.
Specifically, responsible for documenting all security-related operations for
contract work, including the design and planning of system security testing and
auditing; ethical hacks performed on the network by employees or contract
personnel; verification of compliance with Security Technical Implementation
Guides (STIGs) and certification security standards. Provides significant
input for the development of all security-related documents, including but not
limited to security plans, security policies, sensitivity assessments,
certification and accreditation (C&A) filings. Works cooperatively with
technical and program staff in reviewing information systems security
environments to include all aspects of physical, technical and administrative
security issues. Creates and updates related security documentation,
methodologies, operating procedures and evaluates government and commercial
policies, manuals, regulations, etc for relevance to information systems
security issues.
KNOWLEDGE AND SKILLS:
Minimum five years information technology (IT) experience including
security-related. Emphasis on network engineering, IT best practices, and
continuous/critical operations. Strong background in IT security principles
and server operations. Previous experience working with information systems
and C&A experience are required.
Must have experience in the technical information capture, conceptual outlining
and writing of System Security Authorization Agreements (SSAA), Concept of
Operations (CONOPS), System Security Policies (SSP) and numerous other body
documents foundational to government Certification and Accreditation (C&A)
activities
EDUCATION AND WORK EXPERIENCE:
A bachelor’s degree in a technical field or three years of directly
relevant experience in information technology and/or communications networks is
a requirement for this position. To be eligible for this position, a candidate
must hold a current Cisco CCNA certification and hold or be pursuing Microsoft
MCSE Security certification (Windows 2000 or Windows Server 2003). Additional
technical and/or business certifications highly relevant to this position
include the Security+ credentials.
Demonstrated skills as technical writer documenting security aspects of complex
networks. Must have hands-on experience in implementing and monitoring
security testing of networks. Requires the ability to communicate
sophisticated technical concepts and designs. Should have strong
organizational skills, be detail-oriented, and be able to work well within a
team. Must have the ability to accomplish multiple and diverse taskings and
activities. Department of Defense (DoD) SECRET or above clearance required.
Additional Responsibilities Include:
• Create, format, edit and proofread documents on security matters to
ensure product meets standards set forth by the customer and team.
• Support security audits as necessary.
• Document security testing, including procedures and results, across the
enterprise.
• Provide documentation of security efforts, methodologies, and audit
findings.
• Work with the project leads to coordinate proper implementation of
security standards.
• Provide on-site support to the contract program management office as
needed.
JOB REQUIREMENTS
---------------------------------------------------
CONTACT
---------------------------------------------------
send resume via email to peggy.stoltzfus@nytor.com
NYTOR, Inc.
Peggy Stoltzfus
Office Manager
peggy.stoltzfus@nytor.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
