Job Description

Job Type: Contract

Contract length: 09 Months

Job Description:

• IT Systems Engineer are responsible for monitoring our compliance programs for Infrastructure Services.
• This includes overseeing and evaluating government and commercial product and program regulations and requirements to promote and sustain organization integrity.
• The position is also responsible for identifying, defining, communicating, and managing the compliance program requirements and key performance indicators for government and commercial business.

Description:

• IT Systems Engineer are responsible for maturing the Compliance Program.
• Resource will interface with various audit and security personnel, providing policies, procedures, and device evidence required for specific platforms.
• Collaboration with technology owners on application of policies, procedures and audit requirements
• Interpret policies and procedures for accuracy and technical sensibility.
• Manage documentation and evidence repositories for access during audit events (Automated Scans, Manual Scripting, etc.).
• Develop policies and procedures and ensure that the current procedures are updated with current information and available for review for compliance with CMS, ARS, HITRUS, SOC2, DISA policies, procedures, and standards.
• Ability to navigate the DOD DISA public-facing site to include the STIGS Document Library & the STIG Viewer application (xccdf).
• Participate in discussions with all levels of leadership to articulate current state of the program.
• Advise on mitigation and remediation strategies for any variances or ensure they are documented in a Corrective Action Plan (CAP).
• Perform hardware and software evaluations to maintain established baseline integrity.
• Provide evidence to assist with internal and external audits.
• Ensure self-inspection checklists are completed against policies, procedures, and evidence for compliance audits.
• Ensure self-inspection checklists are completed against defined infrastructure platform baselines.
• Gather evidentiary documentation to support audit findings from compliance audits periodically throughout the year.
• Ability to navigate a SQL relational database: clauses, expressions, predicates, queries, and statements.
• Working experience with excel
• Other duties as assigned.

Additional Required Qualifications:

• Four or more years demonstrated proficiency and experience in design, implementation, administration, monitoring and troubleshooting technology.
• Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response and identity and access management
• Competent working in one or more environments highly integrated with an operating system.
• Extensive experience implementing and administering/managing technical solutions in major, large-scale system implementations.
• High critical thinking skills to evaluate alternatives and present solutions that are consistent with business objectives and strategy.
• Ability to manage tasks independently and take ownership of responsibilities.
• Ability to learn from mistakes and apply constructive feedback to improve performance.
• Ability to communicate technical information clearly and articulately.
• Ability to adapt to a rapidly changing environment.
• Proficient working with various audit infrastructure tools/technologies such as Nessus, ACAS, and Nexpose.
• Knowledge of audit and assessment activities and processes
• Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles

Preferred:

• Experience as a primary liaison between Infrastructure Service organizations, Audit and Security organizations.
• Managed requirements within simultaneous two-three audits.
• This position has some accountability to consult independently with operational areas and senior leadership across the Enterprise.
• Identifying, defining, communicating, and managing the compliance audit program requirements and performance indicators.
• Bachelor’s degree in an IT related field or equivalent work experience.
• Certifications: Comptia Security Plus or CISSP.

REQUIRED EXPERIENCE/EDUCATION:

• Four or more years demonstrated proficiency and experience in design, implementation, administration, monitoring and troubleshooting technology.
• Related Bachelor’s degree in an IT related field or relevant work experience
• Certifications: Comptia Security Plus or CISSP (A PLUS)
• Experience implementing and supporting the following Security Frameworks: NIST 800-53, DISA Security requirements, CIS, HITRUST, PCI
• Familiarity with basic enterprise audits, including SOC2, FISMA, MAC ARS
• Experience interfacing with internal and external auditors.

How to Apply

Job Types: Temporary.

71 total views, 0 today

Apply for this Job