Senior Linux/Storage Infrastructure Engineer
Infrastructure | Arlington, VA | Full Time
SENIOR LINUX/STORAGE INFRASTRUCTURE ENGINEER
About Us: Engineers solving real-world problems
At Applied Insight, we leave no stone unturned in solving our customers’ technology challenges. Supporting the Federal Government with the strongest mission focus, our solutions empower people to collaborate more effectively in delivering services vital to the nation. Our unique approach to information technology considers people first. We make it our job to understand our customer’s mission and the user’s reality right from the start, combining technology and process to deliver what customers really need to succeed – from adaptation to innovation – drawing on our long experience of supporting the US Defense, Intelligence and Federal Civilian communities.
A day in the life-- a few of the things you might be doing on any given day:
- Supports multiple programs administering the information assurance duties as the information systems security officer for information systems processing
- Will coordinate duties with the information system owner, senior information security officer, systems administrator and/or information technology staff, and other identified staff to ensure all Judiciary Information Security Framework requirements are implemented and functional.
- Will assist SDSO system owners with the preparation of security related documentation.
- Will conduct and document technical and non-technical reviews and audits as prescribed by the senior information security officer.
- Will conduct risk assessments based on results from technical and non-technical reviews and will assist the senior information security officer with plans of action and milestone (POA&M) management.
- Will assist the senior information security officer with security alert management.
- Will assist the senior information security officer with regular reporting requirements to the authorizing official.
What we are expecting from you (i.e. the qualifications you must have):
- Experience with implementing “Guide for Applying the Risk Management Framework to Federal Information Systems: a Security Life Cycle Approach” (NIST SP 800-37 Rev1)
- Experience with the NIST, “Security and Privacy Controls for Federal Information Systems and Organizations” (NIST 800-53 Rev4) and a deep understanding of how to evaluate potential control implementations for organizational conformance.
- Experience implementing Federal government security requirements to include technical computer/network system auditing (“Technical Guide to Information Security Testing and Assessment” (NIST SP 800-115)).
- Experience developing System Security Plans (SSPs) (“Guide for Developing Security Plans for Federal Information Systems” (NIST SP 800-18 Rev 1) and all supporting assessment and authorization documentation such as contingency plans (“Contingency Planning Guide for Federal Information Systems” (SP 800-34 Rev1)), incident response plans (“Computer Security Incident Handling Guide” (SP 800-61 Rev2)) , security assessment plans/security assessment reports (“Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans” (SP 800-53A Rev4), security impact analyses (“Guide for Security Focused Configuration Management of Information Systems” (SP 800-128), and POA&Ms.
- Experience with analyzing vulnerability and penetration testing reports to develop and manage POA&Ms to include risk calculations (“Guide for Conducting Risk Assessments” (SP 800-30 Rev1)).
- Must be a self-starter capable of multitasking and efficiently managing time in a dynamic environment while requiring minimal levels of supervision.
- Effective writing, speaking, analytical, and outstanding customer service skills.
- Knowledge of computer forensics tools and investigative methodologies.
- Knowledge in Microsoft Server and Linux operating systems.
- Knowledge of Active Directory principles.
- Knowledge of Digital Identity management principles and methods.
- Knowledge of Federal information security considerations as they pertain to cloud computing. Specifically, experience with FedRAMP and Microsoft Office 365 is desired.
- Enterprise Solutions, Storage & Databases: advanced understanding of relational database, database management systems, enterprise storage solutions, and security concerns specific to these technologies.
- High School with 10 years of directly related experience or BS degree in an information systems/technology related field with 5 years of directly related experience.
Nice to have:
ISC2 Certified Information System Security Professional (CISSP)
- Judiciary Information Security Framework experience.
- Technical writing.
- Experience with the Cyber Security Assessment and Management (CSAM) application or other equivalent governance, risk, and compliance tool (e.g., Xacta, eMASS, Archer, etc.).
www.applied-insight.com. EEO/AA including Vets and Disabled.