Information System Security Engineer at Allyon in Chantilly, Virginia

Job Description:

Summary:



Allyon, Inc. is an established IT and Healthcare Services firm and we love what we do! It makes our day when we are able to help talented individuals achieve their career goals while at the same time helping our clients build quality teams. If you are interested in joining the Allyon Team, please apply or submit your resume for review today!



Job Title:



Information System Security Engineer



Location:



Chantilly, VA



Duties and Responsibilities:



• As a SIPR Information Systems Security Engineer, you will have in-depth knowledge and be responsible for analyzing, designing, implementing, and documenting robust security measures to protect the organization's information systems and data assets.


• Your primary focus will be on identifying vulnerabilities, analyzing security threats, and implementing effective security solutions to ensure the confidentiality, integrity, and


• availability of sensitive information.


• Working closely with the cybersecurity team and IT staff, you will play a key role in maintaining a secure and compliant information technology environment


• Security Implementation: Design, deploy, and configure security configurations, such as MFA, centralized


• logging, encryption mechanisms, and access control systems, to protect the organization's information systems.


• Vulnerability Assessment and Audits: Conduct regular vulnerability assessments and audits to identify weaknesses in the IT infrastructure and applications. Analyze results and collaborate with IT teams to remediate identified security gaps.


• Incident Response and Threat Mitigation: Develop and implement incident response procedures to respond effectively to security incidents. Monitor and analyze security logs and alerts to detect and mitigate potential threats promptly.


• Security Policy and Standards Development: Assist in the creation, review, and enforcement of information security policies, standards, and guidelines. Ensure compliance with industry best practices and regulatory requirements.


• Security Compliance Monitoring: Monitor and track compliance with security policies and procedures, conducting periodic audits and assessments to ensure adherence to established security standards.


• Secure Network Architecture: Design and implement secure network architectures, segmenting critical data and systems from less sensitive resources to minimize attack surfaces and potential impact.


• Security Incident Investigation: Lead investigations into security breaches, identifying the root cause and recommending preventive measures to enhance security posture.


• Data Protection and Privacy: Implement data protection measures, encryption techniques, and privacy controls to safeguard sensitive data and comply with relevant data protection regulations.



Minimum Requirements



• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.


• Proven experience as a Security Engineer or in a similar role, with expertise in information security practices and technologies.


• Strong knowledge of network security, operating systems, databases, and application security principles.


• Familiarity with industry security standards and frameworks such as NIST or DoD Controls


• Experience with vulnerability scanning and penetration testing tools.


• Ability to analyze security incidents, perform root cause analysis, and propose effective solutions.


• Knowledge of encryption technologies, access controls, and identity and access management (IAM) principles.


• Excellent communication and problem-solving skills to collaborate effectively with cross-functional teams.


• Experience working in secure areas and on configuring classified systems.


• Required DoD 8140 IAT level II compliant certification such as CompTIA Security+


• Other relevant cybersecurity certifications like Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM), are a plus.


• Understanding of regulatory requirements related to information security (e.g., GDPR, HIPAA) is advantageous.


• Familiarity with cloud security concepts and solutions is a plus.


• Dedication to staying current with emerging cybersecurity trends and threats.


• Top Secret Clearance



What we Offer:



• Competitive pay and benefits


• 401k eligibility after 6 months, including company match


Allyon, Inc. is an equal employment opportunities (EEO) employer and terms of employment are without regard to race, color, religion, sex, national origin, age, disability, or genetics. Allyon, Inc. complies with applicable state and local laws governing nondiscrimination in employment. This policy applies to all terms and conditions of employment.