Talent Orchard | A Leading Provider of Technical Workforce Solutions

Senior Cloud Security Information Assurance Engineer with Secret Clearance (435223)

Job Title
Senior Cloud Security Information Assurance Engineer with Secret Clearance (435223)
Job ID
Fort Belvoir,  VA
Other Location

Senior Cloud Security Information Assurance Engineer

Fort Belvoir, VA

Secret Clearance Required


Talent Orchard has been contracted by a top tier defense firm to assist with staffing a brand new contract opportunity handling Cloud Services for a DoD Customer in Fort Belvoir, VA. For this opportunity we are seeking an experienced Senior Cloud Security Information Assurance Engineer with a minimum active Secret clearance. 

Responsibilities include:

  • Supporting the system development and maintenance lifecycle by providing guidance on implementation and verifying the secure configuration.
  • Provide engineering based input for security controls implementation to the System Security Plan. Design and implement applicable security features through the configuration and change management process.
  • Support the security categorization process, and security controls identification and tailoring process.
  • Develop and maintain in-depth understanding of the automated security configuration and verification scripts.
  • Identify security requirements and impacts resulting from modifications to the systems, and work with the program management in planning activities.
  • Based on the knowledge gained from security engineering experience, support the ISSO and the DoS Assessment and Authorization (A&A).
  • Support the development of various artifacts required such as security categorization, notification of change, revisions to System Security Plan, and the Plan of Action and Milestones (POA&M).
  • Identify and explain false positives; develop mitigations and articulate compensating controls for near-term and planned implementation; assist in the development of alternative remediation or mitigation strategies to minimize vulnerabilities and risks while minimizing the impact to the system functionality and performance as well as program cost and schedule.
  • Provide technical subject matter expert (SME) support for coordinating and developing agreements with common control providers, interfacing systems, and their users.

Required Education and Experience

  • Bachelor’s degree in an information security or engineering field.
  • Minimum 15 years’ experience.
  • Fundamental understanding of risk-based information security management, as well as being knowledgeable of Federal regulations, standards, and guidelines pertaining to information assurance (FIPS, NIST, CNSS).
  • Government Certification and Accreditation experience.
  • Ability to work with the development, integration, and security assessment teams in implementing security controls.
  • Ability to articulate vulnerability and risk based on technical security posture.
  • Use security mechanisms and features in products to provide concrete guidance to remediate findings and develop mitigation plans while being cognizant of system functionality and program management constraints.
  • Ability to support the development of system level POA&M.
  • Identifying security architecture and implementation gaps, vulnerabilities, and risks; and develop, test and implement the solutions to address the gaps, and new or updated requirements.
  • Excellent verbal and written communications skills.
  • Experience as a security engineer or systems engineer including systems architecture, requirements analysis, integration, and process execution and evaluation.
  • Interpersonal skills including the ability to collaborate effectively, self- awareness, and excellent written and oral communications.

Desired Experience/Skills/Attributes

  • Virtualization and Cloud (VMWare, FedRAMP, and DoD FedRAMP+)
  • NIST RMF-related standards and DoD CNSS standards
  • Vulnerability notices and standards (CERT, IAVM, ACAS, SCAP, CVE, CVSS, XVMS, XCCDF)
  • Continuous Diagnostics & Mitigation (ForeScout, RSA Archer, McAfee AC/ePO/PA, Splunk)
  • Directory services (AD, LDAP)
  • PKI-based identities (CAC / PIV / ECA, MS-Certificate Services, PKCS)
  • Scripting of custom capabilities (Perl, SED, SoapUI, cURL, etc.)
  • Security appliances (firewalls, IDS/IPS, load balancers, etc.)
  • Knowledge of secure coding, application security, and ethical hacking.
  • Understanding and experience with big data, analytics, correlation, and data mining.
  • Familiarity with DoS environment (data and voice networks, IT security systems, policies and procedures), Foreign Affairs Handbooks (FAHs), Foreign Affairs Manuals (FAMs), Diplomatic Security (DS) configuration standards.
  • Experience with ACP-127 automated message handling systems (AMHS) and DoS messaging policies / procedures.
  • Experience working on Microsoft- based, complex systems in the security engineering role using the security features of Windows 2003/2008 Server products, Windows XP/7, IIS, Sharepoint, Exchange, SMS/SCCM, and SQL Server products. Understanding of the inner workings of security configuration using Windows Security Templates, GPOs, and various secure configuration for products within the SMART baseline.
  • Experience with RedHat Open Source technologies
  • Ability to analyze and troubleshoot system issues due to security configuration. Able to analyze automation scripts determine their functionality and impact.
  • One (1) of the following Security certifications required:
    • ISACA Certified Information Systems Auditor (CISA)
    • GIAC Security Expert (GSE)
    • GIAC Certified Incident Handler (GCIH)
    • SCP Security Certified Network Architect (SCNA)
    • (ISC)2 Certified Information Systems Security Professional (CISSP)
    • ISACA Certified Information Security Manager (CISM)
    • EC- Council Certified Network Defense Architect (CNDA) or Certified Ethical Hacker (CEH)
    • Cisco Certified Network Associated (CCNA)
    • Cisco Certified Network Professional (CCNP)
    • Microsoft Certified Engineer (MSCE)
    • ITIL® Foundation v3 certification.
    • Project management experience (PMP is a plus.)

Talent Orchard LLC is an SBA (8A), Economically Disadvantaged Woman-Owned Small Business, and Woman Business Enterprise Certified firm that provides the following services to clients in the commercial and public service sectors:

  •  Human Capital
  •  Professional Services
  •  Accounting/Audit Readiness
  •  Network/Cyber Security & IT Infrastructure
  • Software Development/Engineering

Established in 2010, Talent Orchard has an exceptional reputation, providing staffing solutions to time-sensitive, talent scarcity issues to deliver better talent management ROI.  Our specialty lies in the critical area of program talent acquisition and resource management, not in one narrow skillset, but across many areas of technical and functional delivery.

To learn more about our other exciting opportunities, visit our Jobs Page at www.talentorchard.com.


@talentorchard @novajobs #cjpost @fortbelvoirjobs #cloudinformationassuranceengineer #informationassuranceengineer #IAengineer @secretjobs #POA&M

Option 1: Create a New Profile

Apply with LinkedIn