Security Engineer-Redmond, WA
Redmond, WA, United States
Security Engineer - prefer someone who has experience working on Department of Defense engagements
Location - Redmond, WA (onsite)
Duration - 12 months
US Citizens, Green Cards & GC-EAD Preferred. No Third-party C2C is Available for this job.
Responsibilities:
• STIG Implementation: Apply DOD Security Technical Implementation Guides (STIGs) to various Windows and Linux-based operating systems according to the specific requirements of each client's environment.
• Security Assessment: Conduct comprehensive security assessments to identify system vulnerabilities, risks, and potential non-compliance issues with DOD standards.
• Remediation: Work closely with engineers and product security to remediate identified security issues and ensure the successful implementation of STIGs.
• Documentation: Maintain detailed documentation of the STIG implementation process, including pre and post-assessment reports, security measures applied, and any necessary configuration changes.
• Reporting: Provide regular status updates to project stakeholders, management, and clients, outlining progress, challenges, and outcomes of STIG application efforts.
• Compliance Assurance: Verify and validate the effectiveness of STIG implementations and ensure that systems comply with DOD security guidelines.
• Research and Stay Updated: Keep abreast of the latest DOD STIG updates, industry best practices, and emerging security trends to continuously improve the implementation process.
• Collaboration: Collaborate with cross-functional engineering teams to achieve successful STIG application and documentation.
Qualifications and Skills:
• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field (or equivalent experience).
• Proven experience in applying DOD Security Technical Implementation Guides (STIGs) to Windows and Linux-based operating systems.
• Comprehensive understanding of DOD security standards and their implications on system configurations.
• Knowledge of various security tools and technologies used in security assessments and compliance verification.
• Strong analytical and problem-solving skills to identify security gaps and recommend appropriate solutions.
• Excellent documentation skills to create detailed reports and maintain accurate records of STIG implementations.
• Ability to communicate effectively with technical and non-technical stakeholders.
• Industry certifications such as CISSP, CompTIA Security+, or other relevant certifications would be an advantage