Information Security Engineer Senior in Richmond, VA at Galapagos, LLC

Date Posted: 11/19/2019

Job Snapshot

Job Description

Position Title:  Information Security Engineer Senior

Work Location: Fort Lee - Petersburg, VA

 

Responsibilities:

Twelve years of professional experience, appropriate computing environment certification, and IA WORKFORCE SYSTEM ARCHITECT AND ENGINEER (IASAE) SPECIALTY qualified in accordance with standards spelled out in DoD 8570.01-M and the Army Information Assurance (IA) Training and Certification Best Business Practice, corrected 6 Aug 2010.   Experience can substitute for the degree provided the person has BOTH the relevant experience AND is fully Information Assurance (IA) certified in accordance with AR 25-2, Information Assurance, and the associated best business practice for IA Training and certification (IA Training BBP).  Experience can substitute for the degree provided the person has BOTH the relevant experience AND is fully Information Assurance (IA) certified in accordance with AR 25-2, Information Assurance, and the associated best business practice for IA Training and certification (IA Training BBP). 

  • Provide oversight for the Computer Network Defense-Service Provider (CNDSP)
  • Work with system owners to close IAVMs/ICVMs and open Plan of Action and Milestones (POA&Ms) in a rapid fashion, in accordance with DoD instructions/directives. Review all POA&MS with the Program Manager on at least a quarterly basis and update the POA&Ms accordingly.
  • Provide Defense in Depth principles and technology in security engineering designs and implementation
  • Analyze existing and future systems, reviewing security architectures, and developing engineering solutions that integrate information security requirements to proactively manage information protection
  • Apply security risk assessment methodology to system development, including assessing and auditing network penetration testing, antivirus deployment, risk analysis
  • Conduct Computer Incident Response Team (CIRT) activities, including forensic analysis
  • Engineer and deploy network defense countermeasures such as anti-virus, anti-spam, and intrusion detection and prevention system solutions
  • Analyze IA security events, including threat model development and resulting security risk analysis of systems
  • Review and assess information security events and logs via sophisticated security information/event manager
  • Plan, implement, and manage a Defense In Depth for the total network and/or enclaves within the network to include such items as: scanning, remediation, host and network intrusion detection/prevention, firewalls, proxy servers, web cache, virus programs, vulnerability scanning, content filtering, remote dial in protection, Host Based Security Services, Directory Services, and Certification and Accreditation, DoD Instruction 5200.40, accreditation guidance and advice IAW AR 25-2 and IA Best Business Practices (BBPs). Plan, respond, investigate, and report undisclosed classified incident remediation. 
  • Assess and mitigate system security threats/risks throughout the program life cycle
  • Validate system security requirements definition and analysis and review/approve System Security Plans for enterprise-wide architectures
  • Maintain Agency public key infrastructure system Implement security designs in hardware, software, data and procedures
  • Provide support for the Department of Defense (DoD) Public Key Infrastructure (PKI) service.
  • Responsible for requesting, receiving, installation, and accountability of system (server) PKI certificates and providing technical support for PKI. 
  • Provide Certification and Accreditation, as well as provide Automated Information System Accreditation support 
  • Provide Security Risk Assessment. Perform risk analysis of resources, controls, vulnerabilities, impact of losing systems’ capabilities and threats to the mission objective; provide analysis to facilitate decisions to implement security countermeasures or mitigate risk; implement countermeasures; periodically review program. Recognize possible threats and review evaluations for compliance and non-compliance. 
  • Other duties as required 

Job Requirements

Qualifications:

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.  The requirements listed below are representative of the knowledge, skill and ability required.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

  • Bachelor’s Degree, or Relevant work experience and training may be considered in lieu of a degree.
  • Computer Science, or other Engineering or Technical discipline with an Information Security or Cyber Security Concentration.
  • Minimum Years of Relevant Experience: 5 years within the last 9 years
  • Five years of professional experience, appropriate computing environment certification, and IA WORKFORCE SYSTEM ARCHITECT AND ENGINEER (IASAE) SPECIALTY qualified in accordance with standards spelled out in DoD 8570.01-M and the Army Information Assurance(IA) Training and Certification Best Business Practice, corrected 6 Aug 2010.   Experience can substitute for the degree provided the person has BOTH the relevant experience AND is fully Information Assurance (IA) certified in accordance with AR 25-2, Information Assurance, and the associated best business practice for IA Training and certification (IA Training BBP).
  • Secret Clearance
  • Must be a U.S. Citizen
  • Must possess and maintain an IT-I level certification IAW AR 25-2 and IAT-II/IAM-II certifications IAW DoD 8570.01-M

 

Physical Requirements:

Work may involve sitting or standing for extended periods of time.  Position may require typing and reading from a computer screen.  Must have sufficient mobility, including but not limited to bending, reaching, and kneeling to complete daily duties in a timely and efficient manner.  May include lifting weigh up to thirty (30) pounds as necessary.  

 

Security Clearance:

Position requires a Secret clearance

 

Company Summary:

Founded in 2017 and headquartered in Hawaii, Galapagos Federal Systems, LLC is the latest Small Disadvantaged Business (SDB) to be registered with the Small Business Administration (SBA) under Nā ‘Ōiwi Kāne, a Native Hawaiian Organization (NHO). We provide large organization stability, capability, and over 30+ years of IT management experience in combination with small business flexibility, agility, and customer care. Leveraging the experience and long-standing success of our management team and Nā ‘Ōiwi Kāne, Galapagos Federal Systems, LLC is capable of successfully competing for and executing large business contracts. 

Our success is based largely on our ability to quickly adapt and respond to customer needs, providing not only the technical expertise necessary to deliver essential solutions, but also the mature management and leadership required to support and sustain large initiatives. 

Galapagos Federal Systems, LLC strives to be a role model in business and community; do the right things for our customers and employees; create lasting customer relationships as a partner, not a vendor; and attract and retain a first-class workforce.

Galapagos Federal Systems, LLC reserves the right to change or modify job duties and assignments at any time.  The above job description is not all encompassing.  Positions functions and qualifications may vary depending on business needs.

Galapagos Federal Systems, LLC is an equal opportunity employer and does not discriminate against applicants based on race, color, creed, religion, medical condition, legally protected genetic information, national origin, sex (including pregnancy, childbirth or related medical condition), sexual orientation, gender identity and expression, age, disability, or Vietnam era, or other eligible veteran status or legally protected characteristics.