Clearance: Public Trust
**Remote Position**
Information Security Engineer
UNLEASH YOUR POTENTIAL
We deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers’ success. We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business.
Are you ready for your next career challenge?
We are in search of a Information Security Engineer to join the ASPR Ready team within the Government Health and Safety Solutions Operation. As a core member of the ASPR Ready team, you will play a valuable part building a transformative response and preparedness IT ecosystem. ASPR Ready is being built to modernize disaster data management and facilitate the HHS Assistant Secretary for Preparedness and Response’s (ASPR) response and business lifecycle with transformative technologies. Furthermore, ASPR Ready will address ASPR’s response workforce process challenges by increasing intra-agency collaborations, strengthening IT security, and streamlining data management for ASPR.
If this sounds like the kind of environment where you can thrive, keep reading!
THE MISSION
Our Health Group is recognized as a Top 10 Health IT provider. We draw on decades of success to deliver a range of solutions and services designed to meet the healthcare challenges of today. From the research bench to the patient bedside, we are a company of scientists, engineers, and technologists delivering a broad range of impactful, customizable, and scalable solutions to hospitals and health systems, biomedical organizations, and every U.S. federal agency focused on health. Works with customers across the continuum of care to improve clinical, operational, and financial outcomes with innovative solutions that advance the next generation of care.
Are you ready to make an impact? Begin your journey of a flourishing and meaningful career, share your resume with us today!
THE CHALLENGE:
WHAT SETS YOU APART:
YOU MIGHT ALSO HAVE:
ABBTECH is an EOE/Minorities/Women/Disabled Individuals/Veterans
Intrusion Detection And Prevention
Microsoft Antivirus
Network Security
Public Key Infrastructure
System Monitoring
**Remote Position**
Information Security Engineer
UNLEASH YOUR POTENTIAL
We deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers’ success. We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business.
Are you ready for your next career challenge?
We are in search of a Information Security Engineer to join the ASPR Ready team within the Government Health and Safety Solutions Operation. As a core member of the ASPR Ready team, you will play a valuable part building a transformative response and preparedness IT ecosystem. ASPR Ready is being built to modernize disaster data management and facilitate the HHS Assistant Secretary for Preparedness and Response’s (ASPR) response and business lifecycle with transformative technologies. Furthermore, ASPR Ready will address ASPR’s response workforce process challenges by increasing intra-agency collaborations, strengthening IT security, and streamlining data management for ASPR.
If this sounds like the kind of environment where you can thrive, keep reading!
THE MISSION
Our Health Group is recognized as a Top 10 Health IT provider. We draw on decades of success to deliver a range of solutions and services designed to meet the healthcare challenges of today. From the research bench to the patient bedside, we are a company of scientists, engineers, and technologists delivering a broad range of impactful, customizable, and scalable solutions to hospitals and health systems, biomedical organizations, and every U.S. federal agency focused on health. Works with customers across the continuum of care to improve clinical, operational, and financial outcomes with innovative solutions that advance the next generation of care.
Are you ready to make an impact? Begin your journey of a flourishing and meaningful career, share your resume with us today!
THE CHALLENGE:
- Assess, design, implement, automate, and document security solutions and processes for solutions built on AWS
- Work with platform engineers on secure best practices in Infrastructure as Code, cloud design patterns, and CI/CD with built in application security controls
- Work on key areas to develop baseline cloud, container, and application security standards and integrate into the CI/CD pipeline
- Identify and mitigate risks posed to the confidentially, integrity, and availability of ASPR Ready
- Implement security architecture, methods, and controls required to meet security, compliance, and audit requirements
- Implement "security as code" using cloud services and CI/CD components as necessary
- Customize cloud compliance tools to meet operational, audit, and risk-based needs
- Develop and implement vulnerability management, continuous monitoring, and incident response processes
- Manage and review security logs and taking required actions
- Oversee periodic audits of systems and implement corrective actions to address audit findings
- Lead risk assessments and provide recommendations for system, network, and application design, implementation, and operation
- Execute security tools for SAST, DAST, OSS scan, pen-test etc. and prepare the security reports for internal and external stakeholders
- Coordinate with the program’s technical leads to provide technical direction and guidance to software developers and systems administrators for security related development and engineering tasks
- Investigate and resolve security violations by providing postmortem analysis to illuminate the issue, and identify causes, possible solutions, and preventative measures
- Establish and manage program control processes and compliance assessments to determine deviations from acceptable configurations, policy, or standards
- Provide expertise in compliance requirements for internal and external reviews of requirements
- Work effectively within a matrixed organization, handle multiple priorities in an efficient manner, and communicate effectively with senior leadership and employees
WHAT SETS YOU APART:
- Bachelor’s degree in a related field and 5+ years of experience in information security/assurance engineering
- Stellar oral and written communication skills
- Significant technical experience in Cloud Computing technologies and automation, specifically AWS
- Ability to break down complex problems and implement custom solutions or scripts beyond just basics to demonstrate thoroughness of problem solving and automated security
- Ability to communicate complex issues, vulnerabilities and security recommendations to other teams, senior management, external vendors, etc.
- Experience analyzing design requirements, infrastructure changes, etc. to identify security weaknesses, risks and areas of improvement with the ability to recommend safeguards, risk mitigations, etc.
- Experience in DevOps environments working with and influencing developers to maintain security through CI/CD processes.
- Experience working with container technologies including Docker and Kubernetes
- Experience with the development, deployment, and automation of security solutions in an enterprise cloud based environment
- Knowledge of network based, system level, and application layer attacks and mitigation methods
- Experience with or understanding of a broad range of security technologies including IDS/IPS, IAM, Certificate Management, etc.
- Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security
- An understanding of identity federation, authentication and authorization (SAML, OIDC, OAuth)
YOU MIGHT ALSO HAVE:
- Experience with tools commonly used to automate vulnerability discovery (e.g. fuzzing, static analysis, dynamic analysis)
- Previous Linux system administration experience
- Familiarity with developing, operating, and debugging distributed systems
- Proficient programming skills in scripting and/or object-oriented programming languages
ABBTECH is an EOE/Minorities/Women/Disabled Individuals/Veterans
Recommended Skills
EncryptionIntrusion Detection And Prevention
Microsoft Antivirus
Network Security
Public Key Infrastructure
System Monitoring