Position - Security Engineer Location Redmond, WA (100% onsite) Position type - Contract Rate DOE US Citizens and those authorized to work in the U.S are encouraged to apply. We are unable to sponsor at this time. Required skills
- STIG Implementation: Apply DOD Security Technical Implementation Guides (STIGs) to various Windows and Linux-based operating systems according to the specific requirements of each client's environment.
- Security Assessment: Conduct comprehensive security assessments to identify system vulnerabilities, risks, and potential non-compliance issues with DOD standards.
- Remediation: Work closely with engineers and product security to remediate identified security issues and ensure the successful implementation of STIGs.
- Documentation: Maintain detailed documentation of the STIG implementation process, including pre and post-assessment reports, security measures applied, and any necessary configuration changes.
- Reporting: Provide regular status updates to project stakeholders, management, and clients, outlining progress, challenges, and outcomes of STIG application efforts.
- Compliance Assurance: Verify and validate the effectiveness of STIG implementations and ensure that systems comply with DOD security guidelines.
- Research and Stay Updated: Keep abreast of the latest DOD STIG updates, industry best practices, and emerging security trends to continuously improve the implementation process.
- Collaboration: Collaborate with cross-functional engineering teams to achieve successful STIG application and documentation.
Qualifications and Skills
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field (or equivalent experience).
- Proven experience in applying DOD Security Technical Implementation Guides (STIGs) to Windows and Linux-based operating systems.
- Comprehensive understanding of DOD security standards and their implications on system configurations.
- Knowledge of various security tools and technologies used in security assessments and compliance verification.
- Strong analytical and problem-solving skills to identify security gaps and recommend appropriate solutions.
- Excellent documentation skills to create detailed reports and maintain accurate records of STIG implementations.
- Ability to communicate effectively with technical and non-technical stakeholders.
- Industry certifications such as CISSP, CompTIA Security+, or other relevant certifications would be an advantage.