Intelligent. Dynamic. Resilient.
Everfox, formerly Forcepoint Federal, has been defending the world's most critical data and networks against the most complex cyber threats imaginable for more than 25 years. As trailblazers in defense-grade, high assurance cyber security, we have been leading the way in developing and delivering innovative cyber security technology. We protect data wherever it resides. Our unwavering dedication and commitment to our customers and the critical missions they serve are what set us apart. We are dynamic, vigilant, and proactive in everything we do. Our suite of cross domain, threat protection and insider risk solutions empower governments and enterprise organizations to use data safely - where and however their people need it. At Everfox, we innovate, we invest, we achieve. We protect what matters most to our customers. And we offer protection like no other. We do all of this so our customers can focus on what matters most. their mission.
Job Title : Information Systems Security Engineer (ISSE)
Work Location : Anacostia, DC
Position Summary:
Everfox is one of the world's largest private cybersecurity companies. As a Information Systems Security Engineer at Everfox, you will be joining our professional services engineering team. This role will include accreditation support including document tuning, document reviews with customer and assessors, assessment support. This role will also include engineering support when needed and includes supporting multiple customers, requiring you to troubleshoot and resolve a wide variety of issues independently. While you'll have reach back to other engineering staff, you'll be expected to be a self-starter and multitask, while still communicating effectively with customer and engineering management. The ideal candidate will have previous experience supporting accreditations as an ISSO or SCA as well as providing administrator or SME level support for endpoint security solutions, such as HBSS, Tanium, Digital Guardian, etc.
What You'll be Doing:
Many job listings provide a wide range of confusing and often vague terms. Here at Everfox we take a different approach by spelling out the key things you'll be responsible for.
Validates and verifies system security requirements definitions and analysis and establishes system security designs for controls.
Designs, develops, implements, and/or integrates IA and security systems and system components including those for networking, computing, virtualization, cloud, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements.
Builds IA into systems and services deploying into operational environments at multiple classification levels.
Assists architects and services developers in the identification and implementation of appropriate information security controls and potential security functionality to ensure uniform application of security policy and enterprise solutions.
Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations.
Creates and maintains Security Control Traceability Matrix (SCTM), System Security Plans (SSP), Security Test Plans (STP) and Plan of Action and Milestones (POA&M).
Provide engineering, installation, configuration and integration of Everfox commercial-off-the-shelf (COTS) cyber products
Demonstrate competency working hands-on in Linux based environments, troubleshooting on-site technical issues, using and configuring Everfox Cyber Security solutions to deliver critical customer requirements.
Provide on-site troubleshooting, and on-site support to customers including version upgrades.
Provide on the job training to the customer as needed.
Prepare technical documentation to include as-built design, requirements, and Standard Operating Procedures
Provide technical briefings to customer leadership and Everfox corporate leadership as required
Possibility of 25% travel outside of the National Capital Region (NCR) area, frequent travel to customer locations inside the NCR.
Other duties as assigned.
Things You Must Have to Apply:
An active (currently in use) -
TS/SCI w/CI Poly
A Bachelor's degree in Computer Science, Information Systems, Cyber Security, or equivalent education and/or 4-years of relevant work experience.
At least one DoD Approved 8570 Baseline Certification at IAT level II (2) or higher.
Required only for DoD professional services roles.
The ability to obtain the appropriate work authorizations that may be required under U. S. ITAR or EAR regulations from the applicable U. S government agency.
8+ years' experience in Information Assurance positions performing the following tasks:
Reviewing, applying, and remediating security vulnerabilities or implementing security controls based on STIG guidance or scanning reports.
SME level knowledge of NIST compliance
SME level knowledge of working through A&A efforts leading up to the process of obtaining an ATO. Experience working with customers or stakeholders within an organization to achieve.
8+ years' experience in the following technical skills
Expert knowledge and experience in A&A with DCID 6/3/ICD-503
Strong knowledge and experience with NIST SP 800-53 and associated security controls implementation and verification
Strong demonstrated experience in understanding and applying principles of Risk Management Framework (RMF) to operations and tasks.
Tools for continuous monitoring, XACTA, Risk Vison, EMass.
Strong communication skills including verbal and written; Word, PowerPoint, Excel, Visio, Project, and other tools to communicate with peers and customers at all technical levels.
Scanning systems and assisting the team in remediating vulnerabilities, experience with Nessus Scanner, ACAS scanner, SCAP Scanner, etc.
Ability to communicate effectively with senior management in government and contractor teams.
Experience ensuring systems comply with key government security requirements and demonstrate that through verification testing with government security stakeholders.
NIST 800-53 Rev 4 and Rev 5. Also, it will be good if they have experience with Intelligence/Privacy/Classified Overlays.
DISA STIG Viewer
Intermediate network administration knowledge (TCP/IP, firewalls, routers, etc. )
Intermediate Linux/Unix administration knowledge
Intermediate Windows administration knowledge
Experience in troubleshooting and resolving installation and/or application errors
Things That Would Be Nice To Have:
IT security training in various disciplines.
Bachelor's or Master's degree in IA/Cyber Security/Computer Science.
Security architecture, engineering, and A&A experience.
Experience working on and supporting classified networks.
Experience with ICD-503 A&A processes.
Certifications from vendors, such as: Cisco, McAfee, Microsoft, Oracle, Red Hat, Symantec, or VMware.
Experience working with N-Tier architecture.
Experience working in cloud environments .
US - UT - Woods Cross
November 13, 2024
Elasticsearch Software Engineer Location: Hybrid - Salt Lake City, Utah Everfox is looking for a full-time software engineer to join our team building best-in-class cyber security products. As a member of our growing team, you will help design and develop technology solutions that are scalable,...
Elasticsearch Software Engineer Location: Hybrid - Salt Lake City, Utah Everfox is looking for a full-time software engineer to join our team building best-in-class cyber security products. As a member of our growing team, you will help design and develop technology solutions that are scalable,...
Elasticsearch Software Engineer Location: Hybrid - Salt Lake City, Utah Everfox is looking for a full-time software engineer to join our team building best-in-class cyber security products. As a member of our growing team, you will help design and develop technology solutions that are scalable,...
Elasticsearch Software Engineer Location: Hybrid - Salt Lake City, Utah Everfox is looking for a full-time software engineer to join our team building best-in-class cyber security products. As a member of our growing team, you will help design and develop technology solutions that are scalable,...
US - US
October 23, 2024
Intelligent. • Dynamic. • Resilient. • • Everfox, formerly Forcepoint Federal, has been defending the world's most critical data and networks against the most complex cyber threats imaginable for more than 25 years. • As trailblazers in defense-grade, high assurance cyber...
Elasticsearch Software Engineer Location: Hybrid - Salt Lake City, Utah Everfox is looking for a full-time software engineer to join our team building best-in-class cyber security products. As a member of our growing team, you will help design and develop technology solutions that are scalable,...
Elasticsearch Software Engineer Location: Hybrid - Salt Lake City, Utah Everfox is looking for a full-time software engineer to join our team building best-in-class cyber security products. As a member of our growing team, you will help design and develop technology solutions that are scalable,...
US - US
November 5, 2024
Intelligent. • Dynamic. • Resilient. • Everfox, formerly Forcepoint Federal, has been defending the world's most critical data and networks against the most complex cyber threats imaginable for more than 25 years. • As trailblazers in defense-grade, high assurance cyber security,...
US - UT - Saratoga Springs
November 13, 2024
Elasticsearch Software Engineer Location: Hybrid - Salt Lake City, Utah Everfox is looking for a full-time software engineer to join our team building best-in-class cyber security products. As a member of our growing team, you will help design and develop technology solutions that are scalable,...