Information Security Systems Engineer
- Experience in Static Application Security Testing (SAST) for Application Security and Development STIG compliance using tools such as Fortify and GitLab as part of a DevSecOps Continuous Integration/Continuous Deployment (CI/CD) pipeline, and generation of summary reports.
- Provide leadership and technical execution support of information security activities associated with the assessment and authorization (A&A) of information systems using NIST Risk Management Framework (RMF) (and derivative) processes.
- Assist program security in the development of policies and procedures for secure containerization and DevSecOps technologies and methods.
- Support security certification and vulnerability assessment activities as required, configuring and using standard cyber defense and vulnerability assessment tools such as ACAS and SCC.
- Experience in writing and managing RMF body of evidence documents (e.g., System Security Plan (SSP), Security Compliance Traceability Matrix (SCTM), Risk Assessment Report (RAR), Continuous Monitoring (ConMon) Plan, and Security Assessment Plans and Procedures (SAPP)).