Peyton Resource Group · 1 week ago
FISMA Information Security Engineer – GRC, NIST, A&A; Public Trust (Hybrid)
Peyton Resource Group is seeking a FISMA Information Security Engineer to bridge the gap between technical security controls and federal compliance requirements. This role involves security engineering and governance, risk, and compliance activities primarily centered around the Federal Information Security Modernization Act (FISMA) and the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF).
Responsibilities
Implement and Monitor Controls: Implement, document, and monitor security controls in accordance with NIST SP 800-53 (Security and Privacy Controls for Federal Information Systems and Organizations)
Assessment & Authorization (A&A) Support: Support the Authorization process, including contributing to security assessments, control validation, and evidence gathering to achieve and maintain an Authority to Operate (ATO)
System Security Plan (SSP) Management: Assist in the development, maintenance, and update of System Security Plans (SSPs), including continuous monitoring strategies and Plans of Action and Milestones (POA&Ms)
Coordinate and support Internal & External Security Audits (e.g., Office of Inspector General (OIG), independent assessors)
Reporting: Generate reports on security control compliance, vulnerability posture, and POA&M status for stakeholders and the Authorizing Official (AO)
Control Implementation: Consult on the configuration and management of security tools and systems (e.g., SIEM, vulnerability scanners, intrusion detection/prevention systems) to effectively enforce NIST 800-53 controls
Vulnerability Management: Analyze results, prioritize remediation efforts based on risk to the system's security categorization (e.g., FIPS 199), and track POA&M completion
Incident Response: Participate in security incident response planning and testing activities, ensuring all incidents are documented and handled in compliance with federal reporting requirements
Change Management: Review system and network change requests to ensure security implications are addressed and maintain the security posture of authorized systems
Qualification
Required
Bachelor's degree in Computer Science, Information Technology, or a related field
Relevant security certifications
5+ years of progressive, hands-on experience in Federal IT Security Engineering
3+ years of experience focusing on federal compliance (FISMA, NIST RMF)
Ability to obtain a Public Trust Clearance is required
Must be a US Citizen or Green Card/Permanent Resident
Preferred
CSAM, Splunk, Tenable, Palo Alto, Checkmarx
Company
Peyton Resource Group
Peyton Resource Group is a staffing and recruiting company that offers contract, direct placement, and consulting services.
Funding
Current Stage
Early Stage
Company data provided by Crunchbase