Raytheon is seeking a Senior Security Engineer to support an Intelligence customer on a prime program. The team shall provide support for process and policy determine in the domain of cyber security and information assurance. The Contractor team shall support the Sponsor’s Information System Security Manager (ISSM) and have an understanding of Accreditation and Authorization (A&A), network security and Amazon Web Services (AWS) cloud services.
• Actively participate in or lead Technical Exchange Meetings (TEMs)and application review boards, documenting actions items/results of these events.
• Provide analysis of vulnerability results and suggest mitigation plans for security problems.
• Understand cloud based infrastructure as a service technologies (AWS experience preferred).
• Assist in the evaluation and analysis of AWS cloud services and tools from a security risk perspective.
• Assist in providing security guidance for internal Sponsor documentation.
• Provide analysis of vulnerabilities identified by compliance tools.
• Conduct TEMs to verify and validate systems against NIST, RMF Sponsor internal security regulations.
• Assist in researching, evaluating, and developing relevant Information Security policies and guidance.
• Brief management, as needed, on the status of the system and/or risk mitigation activities.
• Assess/calculate risk based on threats, vulnerabilities, and shortfalls uncovered in testing and provide recommendations for risk decisions to Sponsor.
• Identify mitigating countermeasures to identified threats, vulnerabilities, and shortfalls.
• Provide enhancement capabilities and SOPs to assessment operations for execution and implementation.
The Contractor team shall be required to have demonstrated expertise in the following technologies:
• Demonstrated experience in understanding, applying, and testing IT systems against NIST 800-53/A and (DISA) Industry Standards.
• Demonstrated experience coordinating and performing cyber assessments, analyzing and documenting test results, and documenting risk.
• Demonstrated experience reading and analyzing security plans to develop an understanding of systems and applications including making recommendations on program-level documentation (e.g., requirements specification, system architecture, design documents, test plans, security plans, etc.).
• Demonstrated experience with cyber security policies and guidance, and research, evaluation, and development of relevant security policies and guidance.
• Demonstrated experience providing analysis of vulnerability results and suggesting mitigation plans for security problems.
• Demonstrated experience analyzing vulnerability scans.
• Demonstrated experience using HP Fortify, McAfee ePO and other incident response tools.
• Demonstrated experience using Linux, Windows, Wireless and Virtual Platforms.
• Demonstrated experience with cloud based infrastructure as a service technologies (AWS experience preferred).
• Demonstrated experience securing and providing risk mitigations for systems and applications in the AWS cloud environment.
• Experience and knowledge of the Microsoft Cloud (Azure).
• System configuration, development and design, specifically around enterprise systems.
• Experience with written and oral communication skills in responding to email, telephone and/or in person inquiries from organizational personnel.
• Experience with monitoring network activity including network traffic, emails, log files, etc.
At least one of the following certifications is highly desired:
• ISACA Certified Information Systems Auditor (CISA)
• Certified Authorization Professional (CAP)
• ISC Certified Cloud Security Professional (CCSP)
• Certified Information Systems Security Professional (CISSP)
• ISACA Certified Information Security Manager (CISM)
• PMI Project Management Professional (PMP) certification
• Relevant hands-on technical certification (e.g., Microsoft MCSE)
• ITIL Foundation certification; Oracle Database Introduction to SQL;
• Certificate of Cloud Security Knowledge (CCSK). 147829
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.