Information Systems Security Engineer III

Position: Information Systems Security Engineer III 

  

Beware of fraudulent job offers and postings! 
Technergetics will never extend an offer of employment without a thorough interview process involving face to face interviews either in-person or a virtual Teams meeting from an official Technergetics email address (@techngs.com). If you receive any correspondence from an email other than techngs.com, it is a scam. Pre-interview code testing is only administered through the Codility platform. We will not send out questionnaires or testing through any other platform/site prior to a first interview. 

  

Opportunity Overview:  

Do you want to be an originator throughout the software development process and join a young, hungry, expanding business? Is learning a life-long pursuit for you? Traditional corporate culture (no sea of office cubicles here) not really your thing? Then this may be the place for you. We work with teammates both native to upstate NY and across the country to deliver cutting-edge products to our customers.  As an Information Systems Security Engineer III, you will gain experience in emerging technologies including Cloud Platforms, DevSecOps, and many more. Get fired up to join and remain fired up to perform!!  

  

Position Details      

 

Salary Range: $105,000-$118,000 annually. This is a full-time exempt position.    

The development work can be performed at various locations, including remotely or at the company offices in Utica and Rome, NY. For the right candidate, a 100% remote work arrangement is possible.   

Due to the clearance required for this position, only U.S. citizens are eligible to apply; as outlined in Executive Order 12968: Access to Classified Information, eligibility for access to classified information may only be granted to employees who are United States citizens.      

 

Responsibilities and Duties    

We are seeking an experienced and motivated Information Systems Security Engineer to join our team. The ideal candidate will be responsible for designing, implementing, and maintaining security measures to protect our organization's information systems and data assets. This role requires a deep understanding of cybersecurity principles, technologies, and best practices, as well as strong problem-solving and communication skills. Responsibilities include: 

• Security Architecture Design: Design and implement robust security architectures for our information systems, including networks, servers, applications, and databases. 
• Risk Assessment and Management: Conduct regular risk assessments and vulnerability scans to identify security threats and weaknesses. Develop and implement risk mitigation strategies to safeguard our systems and data. 
• Security Implementation and Configuration: Deploy and configure security solutions such as firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, encryption, and access controls. Ensure proper configuration and maintenance of security tools to maximize effectiveness. 
• Incident Response and Investigation: Respond to security incidents, breaches, and intrusions in a timely and efficient manner. Investigate security breaches to determine root causes and recommend corrective actions to prevent future occurrences. 
• Security Policy Development: Develop, implement, and enforce security policies, procedures, and standards to ensure compliance with regulatory requirements and industry best practices. 
• Security Awareness and Training: Provide security awareness training to employees and stakeholders to promote a culture of security awareness and compliance throughout the organization. 
• Security Monitoring and Analysis: Monitor security logs and alerts for suspicious activities and anomalies. Analyze security events and incidents to identify trends and emerging threats. 
• Collaboration and Communication: Collaborate with cross-functional teams to integrate security requirements into system designs and development processes. Communicate security risks and recommendations to stakeholders in a clear and concise manner. 

 

Education and Certifications:    

Bachelor’s degree in computer science, computer programming, information security, or a closely related technical field.  

Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent IAM II certification is required. 

 

Required Qualifications:    

• 7+ years of related experience, which can be reduced for advanced degrees 
• Experience working with Risk Management Framework (RMF), including ushering packages through the Security Control Assessor (SCA) and Authorizing Official (AO). 
• Capable of coordinating and leading discussions during RMF meetings; maintain close communication with the development team; and report status to customers as per reference DoD Instructions 8500.01 and 8510.01. 
• Possess an understanding of the SIPRNet and NIPRNet Enterprise Mission Assurance Support Service (eMASS) and be able to prepare, develop, and maintain RMF Packages.  
• Experience interacting with and supporting developers, System Information Systems Security Officer (ISSOs), Information Systems Security Engineers (ISSEs), Code Reviewers, and Validators.
• Understanding of and ability to resolve Security Technical Implementation Guides (STIG), security control findings, and the Plan of Action and Milestones (POA&Ms).
• Experience tracking, monitoring, and evaluating all related Information Assurance Vulnerability Management (IAVMs) from identification to closeout.
• Experienced in developing and maintaining RMF package(s), including system/program artifacts (compelling evidence), assigning security controls based on the system categorization as required by
• Committee of National Security Service (CNSS) 1253 and NIST Special Publication (SP) 800-60, Volume II, and initiating the RMF System Security Plan (SSP).
• Experienced in validating assigned Security Controls, including executing the SSP, coordinating validation activities, and compiling the status of the validation results in the RMF Scorecard.
• Proven experience in information systems security engineering or a related role.
• In-depth knowledge of cybersecurity principles, technologies, and best practices.
• Experience with security tools and technologies such as firewalls, IDS/IPS, SIEM, antivirus, encryption, and access controls.
• Experience with Linux (Redhat, Centos) and Windows Operating Systems.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and collaboratively in a fast-paced environment. 

 

Clearance:    

Active DoD Secret Clearance is required for this role. 

 

Travel:    

This position is not expected to require travel.  

  

Benefits:    

Our benefits package includes health, life, disability, dental, and vision insurance coverage and a 401(k) policy with a 3% company contribution & 3% company match.     

Other perks include generous Paid Time Off (including a PTO “gift day” for your birthday), 11 Federal Holidays per year, two weeks paid maternity/paternity leave, and annual technology “allowances”.    

Wait! Even more perks include referral bonuses, professional recognition awards, healthcare stipends, tuition/education reimbursement (once specific requirements are met), and flexible daily start and stop times for most projects and positions.    

    

Company Description    

Technergetics is a US-based company headquartered in Utica, NY, with employees and clients locatedthroughout the country.  The Utica/Rome area is a hub of cutting-edge cyber technology research, bolstered by the Griffiss Business & Technology Park’s tenants and facilities, including the Air Force Research Lab (AFRL).  At Technergetics, we work with a wide variety of technologies, including mobile and web apps, Quantum computing, machine learning and artificial intelligence, AI-enabled edge devices, and many more.    

    

We do not discriminate on the basis of  race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.