November 16, 2024
[Hiring] Senior Security Officer @eSimplicity

eSimplicity is a modern digital services company that delivers cutting-edge federal and commercial IT solutions designed to improve the health and lives of hundreds of thousands of Americans while protecting our national interests. Our solutions and services improve healthcare for 100+ million Americans, protect our borders, and defend our nation by supporting and innovating with the Air Force, Space Force, and Army. Our team of 200+ engineers, designers and strategists relentlessly challenge the status quo, build consensus and collaborate to deliver new solutions with an unwavering focus on the user experience from start to finish.

 

We’re looking for a Security Officer (SO) responsible for providing security support services while meeting security control compliance requirements for a portfolio of systems at various states of maturity and modernization. This role will provide support for continuously monitoring the cybersecurity posture of systems to secure against cyber threats. The SO’s primary responsibility is to facilitate security tool implementation and security tool usage, ensuring tools remain compliant and configured properly, all while ensuring a successful program Authorization to Operate (ATO). Additionally, the SO is expected to take ownership of communication and visualization of security issues, particularly where coordination between product teams, data owners, engineering and infrastructure staff is necessary for remediation. The SO owns coordination and response to the agency’s security-related inquiries, compliance with agency policy, security controls, and maintenance of security documentation and artifacts. The SO will act as the primary liaison to provide timely and accurate responses to security-related data calls (System Security & Compliance Status, Vulnerability and Compliance scanning issues). Provide subject matter expertise throughout all phases of the system development lifecycle. The SO will interface with multiple stakeholders through multiple touchpoints weekly.

Responsibilities:

  • Work closely with the Product Owners, ISSOs, engineering and infrastructure staff to provide guidance on implementation of security policies, standards, and procedures
  • Analyze new or updated security requirements, collaborate with stakeholders, and develop responses that are clear and accurate
  • Support the review and update of ATO artifacts such as System Security Plans, Information System Contingency Plans, Configuration and Change Management Plans, Incident Response Plans, Privacy Impact Analysis, and more
  • Interpret security risk assessment, review security scan results, assess security vulnerabilities and support the development and remediation of vulnerability and compliance issues via Plan of Action and Milestones (POA&Ms)
  • Support the development of implementation and design documentation related to security feature implementation
  • Work with engineering and infrastructure personnel to document remediation for vulnerabilities and non-compliance issues
  • Analyze and interpret agency security requirements and provide governance communication to non-security personnel
  • Collaborate with product teams, ISSOs and other stakeholders in support of continuous monitoring and ATO efforts
  • Conducts vulnerability assessments and monitors systems, networks, databases and Web-based assets for potential system breaches. Recommends and takes the lead on implementing changes to enhance security systems, prevent unauthorized access, and help mitigate security vulnerabilities.
  • Responds to alerts from information security tools. Reports, investigates, and resolves higher level security incidents.
  • Responds to security tool outages and degradations in service, tunes security rules and alerts, and sets up/maintains security tool dashboards and reporting.
  • Researches security trends, new methods, and techniques used in unauthorized access of data to preemptively eliminate the possibility of system breach. Ensures compliance with regulations and privacy laws. Conducts research to identify new attack vectors.
  • Educates and communicates security requirements and procedures to all users and new employees.
  • Recommend process improvements to the information system for risk mitigation.
  • Applies iterative security automation to all program aspects, increasing overall security posture iteratively, and never accepts the status quo.
  • Provide audit log review in Splunk, present any findings to ISSO, and plan for any investigation or remediation activities.
  • Periodic user and privileged access reviews.

Qualifications:

  • Minimum of 4 years related experience.
  • A Bachelor’s degree in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline. With six years of general information technology experience and at least 4 years of specialized experience, a degree isn’t required.
  • Familiarity with Agile Methodologies.
  • Working knowledge of AWS Security tools, their functionality, and purpose
  • Assist customer with defining appropriate change management processes (Responsible for documenting application criticality, privacy, and security impact analysis)
  • Knowledge of hardening standards (DISA STIG, CIS)
  • Understanding of NIST Risk Management Framework and NIST 800-53 rev5
  • Experience with CI/CD, defining security decision gates and DevSecOps
  • Know the difference between SAST, DAST, IAST, OAST tools and their functions, benefits, and weaknesses within CI/CD
  • Understanding of business security practices and procedures; knowledge of current security tools available; hardware/software security implementation; different communication protocols; encryption techniques/tools; familiarity with commercial products; and current Internet technology.
  • Understands continuous automated security practices applied to data and application engineering teams.
  • Prior experience managing systems in AWS cloud environments, familiarity with AWS Tools and Services
  • Experience with designing security “baked-in” to any architecture: Cloud and IaC, Systems, Web application, Data Processing, Data Centric Systems, AI/ML, CICD Pipelines; seeks automation driven designs.
  • Demonstrated work experience with the following: computer networking, cryptography, security engineering and architecture, vulnerability assessments, or operating systems required.
  • Extensive experience using cloud services, Linux systems, and Development/Data engineering core tools GitHub, GitHub Actions, Security Tools, etc.
  • Demonstrated working knowledge of vulnerability and compliance scanning tools.
  • Understands how to assess vulnerabilities and provide recommendations regardless of first-hand knowledge of the application or system.
  • Proven ability to work effectively both independently and/or in a team environment.
  • Must possess strong analytical and problem-solving skills; and strong critical-thinking skills in complex communication environments.
  • Strong attention to detail. Required to manage/follow-through of multiple independent tasks, dependencies across intra/inter-project teams
  • Excellent organizational and time-management skills in a fast-paced environment.
  • Excellent customer service skills with the ability to deal tactfully, confidently, and ethically with both internal and external customers.
  • Experience with Government Agency Security Assessment Process in support of maintaining and/or establishing an ATO and the appropriate security boundary.
  • Experience with Atlassian Jira & Confluence
  • Excellent command of written and spoken English.
  • Ability to obtain and maintain a Public Trust, residing in the United States

Desired Qualifications:

  • Federal Government contracting work experience
  • Highly preferred industry certification such as the CISSP, CEH, GIAC, etc.
  • Experience with Security Information and Event Management (SIEM) systems (i.e. Splunk)

eSimplicity supports a remote work environment operating within the Eastern time zone so we can work with and respond to our government clients. Expected hours are 9:00 AM to 5:00 PM Eastern unless otherwise directed by your manager.

 

Occasional travel for training and project meetings. It’s estimated to be 5-15% per year.

 

Benefits:

We offer highly competitive salary, full healthcare benefits and a flexible leave policy.

 

Equal Employment Opportunity:

eSimplicity is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, age, status as a protected veteran, sexual orientation, gender identity, or status as a qualified individual with a disability.
