Company: Axis Technologies
Posted on: December 9, 2018
Security EngineerTS/SCI Security Clearance requiredThe Security Engineer gathers and manages customer requirements as part of collaboration with market facing team members; leads and collaborates closely with Enterprise Architectures, Domain Architects and Systems Engineers to ensure alignment of customer requirements with development and implementation plans; collaborates closely with functional leads (Domain architects, product owners, subject matter experts) to define work plans and dependencies, responsible for outcome verification, and optimized transition to Operations; keeps end-user/operator apprised of solution and progress. This role is heavily software based - and business-value focused.Responsibilities
- Manage the development, documentation, implementation, and communication of customer-facing and enterprise-wide information security strategies, practices and policies.
- Lead and/or manage multi-disciplinary team reviews of existing architecture, identify security architecture and design gaps, and recommend and drive required security enhancements.
- Lead and/or manage multi-disciplinary team reviews of new products, business applications, and/or vendors to identify security design gaps to evaluate appropriate security capabilities, assessing their risk and their value in support of a customer-facing program, corporate goals and overall security strategy.
- Conduct individual, independent security reviews of vendor proposals, review security architectures and recommend modifications to the information security operation to evaluate risk reduce costs or improve service.
- Serve as information security subject matter expert, trusted advisor/inside information security consultant; provide advisory and consulting services as needed to various department and project teams.
- Meet with project teams and other system architects to develop system designs and project plans that include the appropriate security controls and meet security standards.
- Understand current as well as emerging security threats and design security architecture to mitigate threats where possible.
- Stay abreast of new information systems and security technologies and integrate into security architecture design when appropriate.
- Manage multi-disciplinary incident response team in response to current or potential threats, incidents.
- Lead and/or participate in security risk assessments using a NIST and RMF based risk methodology; Maintain a thorough understanding of NIST 800-53 controls, and determine which controls are applicable to the system applications, as well as document implementation in Security Controls Tractability Matrix (SCTM).
- Prepare specific security status reports by developing, collecting, analyzing, and summarizing security related data and trends.
- Present specific security status reports to various levels of management, including Senior Management Team.
- Identify and develop regular and emergency security-related communications as needed.
- Actively promote security and risk related campaigns for information security awareness among all staff.Basic Qualifications
- Minimum of five to seven years of Information Security experience is required.
- TS/SCI Security Clearance required.
- Minimum of bachelor's Degree in Information Technology, Computer Science, Information Assurance or related technical field is required.
- Experience with ICD 503.
- Experience in a Security Analyst, Security Engineer or Security Engineer role required.
- Must have a strong understanding of network architecture, firewalls, Intrusion Detection Systems, web filtering, audit and log management, physical security control systems, real-time systems, and common operating systems.
- Must have a strong understanding of advanced technical security topics such as Security Essentials; Auditing and monitoring networks, systems, and users; forensics, malware analysis; and security incident response.
- Must have a strong knowledge cyber security theory and practice as promoted by numerous security standards and certification entities.
- Previous experience working as a security professional in a Secret or TS/SCI environment.
- Familiarity with software development practices and various methodologies.
- Familiarity conducting vulnerability scans.Preferred Qualifications
- Experience in a converged cyber and Physical Security department preferred. Experience managing cross-functional teams or projects and influencing senior-level management and key stakeholders preferred.
- (Scaled Agile Framework experience preferred: SAFe, and Waterfall experience is beneficial as well)
- Background in GIS, manufacturing, spacecraft command and control, ground systems infrastructure, or analytics is preferred.
- Certifications: CISSP, CEH preferred.The Client offers a generous compensation package including a competitive salary; choice of medical plan; dental, life, and disability insurance; a 401(K) plan with competitive company match; paid holidays and paid time off. - provided by Dice TS/SCI, Security Engineer, ICD 503,
Keywords: Axis Technologies, Aurora , Security Engineer, Engineering , Aurora, Colorado
Didn't find what you're looking for? Search again!