Cyber Security Engineer(DC local candidates with clearance only)

Job Title: Cybersecurity Engineer

Onsite Position: Local to DC

Security Clearance: DOI Public trust clearance or higher (Secret/Top Secret) clearance.

Full time, Onsite Position

The Contractor shall provide expert technical and security support services to secure the environment. The office of the CISO establishes formal program control procedures to enable the Controlled Unclassified Information 4 mitigation of program risk.

As part of the program control process, the Cybersecurity Engineer shall provide brief written status reports on a weekly basis that will permit Agency to monitor execution and progress of the project.

The contractor will work directly under the oversight of the Agency CISO and shall perform tasks as follows:

• Be knowledgeable of Federal, Agency, and security regulations when developing functional and technical requirements; serve as a POC for Information Technology security issues.
• Coordinate security program tasks with IT Operations Team by evaluating system environments for security requirements and controls including IT Security Architecture, hardware, software, telecommunications, security trends, and associated threats and vulnerabilities.
• Participate in IT solutions design discussions to incorporate security into the system development process and define security specifications to support the acquisition of new systems.
• Engineer, implement, and operate security solutions including Endpoint Detection and Response, Network Detection and Response, Firewall Management, Mobile Device Management, and Security Information and Events Management (SIEM).
• Develop monitoring and analysis capabilities including automated events notifications to gain insight into the Agancy security posture at all times.
• Audit and monitor application, system and security logs for security threats, vulnerabilities, and suspicious activities.
• Adhere to Continuous Monitoring practices to evaluate the effectiveness of implemented security controls that ensure confidentiality, integrity, and availability of information.
• Investigate security incidents and propose counter measures. Report on incidents, vulnerabilities, and trends. Prepare and coordinate Incident Response activities to include all associated actions according to Agency incident response plan.
• Serve as a key advisor in risk assessments of all systems and mitigate vulnerabilities.
• Support and facilitate security awareness, training, and education programs.
• Support the implementation of CDM (Configuration and Diagnostics Management) Program activities led by CISA.
• Support security operations, troubleshoot, and report problems, as needed.
• Document all security procedures according to Agency standards to include technical writing and creation of formal documentation reports, training materials, slide decks, and architecture diagrams.
• Assist the Office of the CISO in any other security related duties, as required

Security Operations Activities Execution. All security operations activities will be planned, prioritized, and executed to meet objectives and milestones as defined by the CISO. The Agency security program uses M365 applications for communication and for tracking activities and milestones.

2.Weekly Activity Reports: Weekly status meetings will be held with key management personnel. The meetings will discuss a summary of activities performed during the previous week and anticipated activities for the upcoming week. A one-page weekly activity report will be submitted on Fridays and should summarize:

a. Objectives met, work completed and work outstanding.

b. Notable achievements.

c. Status of deliverables/milestones.

d. Resource planning/statuses.

e. Issues and impediments to reaching milestones.

• 3.Process Documentation: All repeatable security processes must be documented in the format approved by the CISO.