Steampunk is looking for a Cybersecurity Engineer / Security Specialist who will be responsible for the planning, developing, and implementation of proven high-tech solutions to increase security and defense against hacking, malware and ransomware, insider threats, and other types of cybercrimes. You will evaluate client capabilities and technologies, and recommend and implment best practices for monitoring computer networks, identifying security issues, and anticipating security breaches.  You will be responsible for working with client security personnel, technical team resources, SaaS providers, and other client stakeholders to implement required solutions that demonstrably ensure the protection of customer data and applications.

• Perform hunting exercises using threat intelligence, analysis of anomalous log data and results of historical events and data to detect threats.
• Develop anomaly detection dashboards and reports to identify potential threats, suspicious activity, and intrusions.
• Develop scripts, systems, processes and content to improve detective capabilities.
• Serve as subject matter expert and point of escalation for the client security team.
• Partner cross-functionally to ensure security technologies are actively managed and fully leveraged.
• Partner with teams across the angecy to triage and respond to security incidents.
• Perform security reviews to identify security issues and risks, and develop mitigation plans.
• Advise and consult with internal customers on risk assessment, threat modeling, and vulnerability remediation.
• Partner with business groups to provide guidance on security-related topics, including data security.
• Provide input into Waivers or Risk Acceptance Memos to assist in the effective management of system risks
• Perform system assessments as part of the customer's Ongoing Authorization program
• Provide audit support for assigned systems (Financial, A-123, FISMA, internal, DHS, etc.), throughout the audit (Pre, During, and Post Audit)
• Proactively ensure security requirements are included in development cycle (Waterfall, Agile, SecDevOPs)
• Participate in DevOps Sec (security integrated into Agile processes) requirements for assigned systems
• Support annual assessments in accordance with guidance in the DHS Information Security Performance Plan

Required:

• Ability to object position of public trust with the US Government.  Must be a US Citizen
• Eight (8) to ten (10) years of Security Engineering, Security Analysis, and/or Technical Architecture experience is required; three (3) of which must be FISMA-related
• Bachelor's Degree in related IT Field
• Experience with, and in depth knowledge of, Salesforce GovCloud+, specifically related to security
• Specialized knowledge and experience with the implementation of the NIST Special Publication (SP) 800 family of publications, particularly those associated with the Risk Management Framework
• Specialized knowledge and experience with evaluating system, network, infrastructure, and SaaS security controls against requirements such as FISMA, FIPS, and NIST guidelines
• Knowledge and experience with the vulnerability scanning execution, assessment, and analysis
• Knowledge and experience with information security and assurance principles (e.g., Defense-in-depth) and associated supporting technologies
• Knowledge and experience with application security, database security, and network security
• Experience with evaluating system, network, or infrastructure security controls against requirements such as FISMA, FIPS, and NIST guidelines
• Ability to assess and weigh current and evolving security threats in an operational environment

Preferred Skills:

• Salesforce Administrator certification
• Experience supporting systems hosted in Cloud environments.
• Experience supporting systems in Agile and DevOps environments

Steampunk relies on several factors to determine salary, including but not limited to geographic location, contractual requirements, education, knowledge, skills, competencies, and experience. The projected compensation range for this position is $100,000 to $150,000.  The estimate displayed represents a typical annual salary range for this position. Annual salary is just one aspect of Steampunk’s total compensation package for employees. Learn more about additional Steampunk benefits here. 

Steampunk is a Change Agent in the Federal contracting industry, bringing new thinking to clients in the Homeland, Federal Civilian, Health and DoD sectors.  Through our Human-Centered delivery methodology, we are fundamentally changing the expectations our Federal clients have for true shared accountability in solving their toughest mission challenges.  As an employee owned company, we focus on investing in our employees to enable them to do the greatest work of their careers – and rewarding them for outstanding contributions to our growth. If you want to learn more about our story, visit http://www.steampunk.com.

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Steampunk participates in the E-Verify program.