ECS is seeking a Cloud Security Specialist (Int) to work in our Morgantown, WV office Please Note: This position is contingent upon [contract award].
Job Description:
ECS is seeking a Cloud Security Specialist (Int) to work in our Morgantown, WV office. Please Note: This position is contingent upon contract award.
Job Description:
ECS is seeking a qualified Cloud Security Specialist (Int) to support transformative science and technology solutions for the Department of Energy.
In this role you will work directly with administrators to architect secure systems. Independently assess systems for secure configuration and compliance to Federal, NIST 800-53, and Treasury directives. Thoroughly and accurately write security documentation including System Security Plans and Security Assessment Reports. Brief management and administrators on findings. Expect to work directly with administrators to identify and remedy findings and self-direct work to meet OFR deadlines. Design, develop, engineer, and implement solutions to MLS requirements. Perform complex risk analyses which also include risk assessment. Establish and satisfy information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands. Support customers at the highest levels in the development and implementation of doctrine and policies. Apply know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures. Perform analysis, design, and development of security features for system architectures.
Engage directly with administrators and advise them on how to securely configure and administer their applications and operating systems.
Perform risk assessments on major applications and technologies and advise management of risks involved in system operation.
Perform the work to complete and write from scratch all of the following documentation in a thorough, accurate, and grammatically correct manner:
- Security Assessment Reports.
- Security Impact Assessments.
- System Security Plans.
- Risk Assessments.
- Security Risk Compliance Matrix.
- Certification Memos.
- Accreditation Memos.
- Risk Acceptance Memos.
- POAMs.
- Architect secure systems by direct engagement with system and application administrators.
- Assess system compliance with federal information security mandates, DOE Directives, and NIST guidance-and advise management when compliance is deficient.
- Read results of vulnerability scans, identify false positives, and work with administrators to resolve vulnerabilities.
- Brief management and administrators on findings and recommendations.
- Be proactive, self-directed, and align schedule to meet OFR deadlines.
Daily Activities:
Analyze and defines security requirements for MLS issues. Design, develop, engineer, and implement solutions to MLS requirements. Guide effort to gather and organize technical information about an organization's mission goals and needs, existing security products, and ongoing programs in the MLS arena. Perform risk analyses which also includes risk assessment. Develop security standards.
Required Skills: - Must be a US Citizen per contract.
- Bachelor's Degree in information technology or network security AND two years of related work experience in cloud security best practices.
OR
- Associate's Degree in information technology or network security AND four years of related work experience in cloud security best practices.
OR
- Six years of related work experience in cloud security best practices.
- Must be eligible to obtain and maintain a Top Secret or DOE Q clearance throughout the life of the contract.
- Must currently live in Morgantown, WV or willing to relocate.
- Ability to work independently and as part of a team.
Desired Skills: - Active Top Secret or DOE Q Clearance with the ability to maintain clearance throughout the life of the contract.
- Two or more years experience supporting US Government customers.
- Project Management Professional certification.
- Experience supporting complex government and programs of a research and development nature.
- 10+ years experience in Information Security.
- 5+ years writing security documentation such as System Security Plans (SSP) and System Assessment Reports.
- 3+ years performing risk assessments.
- 3+ years as security system architect-advising administrators/developers on how to create and configure secure applications.
- 3+ years as a system or network administrator.
- Expert knowledge of NIST 800 Special Publications, Federal Information Processing Standards, and OMB memos on Information Security.
ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, sex, age, sexual orientation, gender identity or expression, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, status as a crime victim, disability, protected veteran status, or any other characteristic protected by law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.
ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.
General Description of Benefits