Cognosante · 1 day ago
Sr. Security Engineer
Health Care · Information Technology
No H1B · U.S. Citizen Only · Security Clearance Required
Responsibilities
Analyze the results of vulnerability scans, configuration checks, and security alerts to identify and understand weaknesses or deficiencies and determine remedial actions
Validate the configuration of servers, workstations, network devices, and other equipment against government or industry security standards
Analyze systems, data, and operating environments to determine appropriate safeguards, mitigation plans, and evaluate the effectiveness of implemented security controls
Apply domain-specific security knowledge and subject matter expertise to ensure the successful execution of security management functions
Create, update, and maintain technical and security documentation about systems, networks, and operating environments
Possess ability to identify key concepts, factors and risks based on conversations and document these in clear and concise narrative or graphic reports
Provide security expertise/perspective to support operational processes and procedures including configuration control, maintenance, continuity of operations, and incident response
Risk Management
Support for internal and external compliance audits and assessments
Risk identification, assessment, response, tracking, and monitoring
Monitoring and management of findings and corresponding corrective actions
Development and reporting of security metrics
Information Assurance
Support security assessment and authorization processes and activities, including developing or contributing to the development of security documentation and other artifacts
Monitor changes to applications, networks, infrastructure, and operating environments
Provide audit support for internal and external audits and reviews
Technical Security
Operating, maintaining, and tuning security tools deployed in data centers housing mission-critical data and systems (i.e. Turbot and other CSP native security tools)
Detect, respond to, and forward critical security alerts related to compliance policy violations, new or emerging threat sources and vulnerabilities, and Advanced Persistent Threats (APTs)
Implementing and executing incident response procedures
Performing vulnerability and compliance scanning and assessments
Collecting and aggregating log and security event information
Reviewing and maintaining Standard Operating Procedures for intrusion detection and prevention, security information and event management, incident response, vulnerability assessment, and other applicable security activities and processes
Application Administration
Patching, upgrading, and maintaining server operating system platforms
Performing web development (including scripting and/or programming) for audit and risk management application
Develop and maintain complex and ad hoc reports and dashboards for security and risk management information
Developing and delivering technical documentation and user guides
Qualification
Required
A minimum of 8 years of relevant work experience
Bachelor’s degree in Computer Science, Engineering, Math, Graduate of Technical School, or equivalent (8 years of additional relevant experience may be substituted for education)
Understands the interpretation and implementation of NIST 800-53 controls
Familiarity with DISA STIGs and CIS benchmarks
Familiarity with scanning tools such as Nessus and BigFix
Minimum of three (3) years of experience in leading technical teams to achieve objectives and outcomes: Developing and implementing technical standards, systems and processes for cloud and on-prem environments. Recommending technology strategies and decisions with a high level of expertise and knowledge. Providing technical direction and support to ensure compliance with standards and guidelines.
Must have experience with implementing, migrating, managing, and operating systems/applications in an enterprise cloud computing environment.
Scripting/Programming proficiency in Python, PowerShell or similar
Minimum of six (6) years setting up, configuring, and using AWS or Azure cloud operational tools to ensure service level agreements and performance targets are met, and continued compliance with policies, standards and guidelines
SysAdmin experience, ideally with multiple operating systems (Windows, RedHat, Linux and/or various flavors of Linux)
One or more advanced security certifications (e.g., CISSP, CISM, GCPM, CSLC, etc.)
Candidate background eligibility requirements: must be a United States citizen or a Permanent Resident and have lived in the United States for at least 3 years, have a clean criminal background, and be able to obtain a Public Trust (High-Risk) Position.
Preferred
Familiarity with Turbot and other CSP native security tools
AWS or Azure Security certifications
Advanced or specialized security certification in disciplines such as penetration testing, incident handling, intrusion analysis, or computer forensic investigation
ITIL certification
Experience with VA’s configuration of IBM Rational Toolset for management, configuration and reporting of work products.
Experience with Agiliance Risk Vision, Enterprise Mission Assurance Support Services (eMASS) or similar governance, risk, and compliance management tools
Familiarity with the VA Handbook 6500 and subordinate publications
Experience working in an ITIL, ISO 20000, or ISO 27000 environment
Active clearance for Public Trust (High-Risk) Position
Expert-level knowledge of federal security laws, regulations, and standards, including but not limited to FISMA, HIPAA, NIST Cybersecurity Framework, FIPS Publications, and Special Publications
Familiarity with all phases of the NIST Risk Management Framework and the achievement and maintenance of authorization to operate (ATO) for federal information systems
Prior experience performing or overseeing continuous monitoring/continuous diagnostics and mitigation activities
Company
Cognosante
Cognosante is a provider of healthcare consulting, technology solutions, and business process outsourcing services.
Funding
Current Stage: Late Stage
Total Funding: unknown
2024-04-15: Acquired
Company data provided by crunchbase