Job Description :
Position :: CyberArk and SailPoint Security Engineer
Employment Type :: contract
Location: :: Washington, DC

Specific responsibilities include:
Developing security recommendations following NIST guidance and security best practices
Tailoring NIST SP 800-53 security controls to the environment
Supporting the development of security solutions
Formulating, creating, and tracking security Plans of Action and Milestones (POA&Ms)
Coordinating with platform teams to maintain currency of the system’s technical description and control implementation statements
Performing a security impact analysis for each proposed change to the system’s configuration
Reviewing and updating security artifacts and process/procedure documents
Reviewing work instructions and operational procedures for compliance with security requirements and policy
Interpreting security principles and requirements for technical teams
Collaborating with ISSOs of other FISMA systems to ensure continued compliance with security control inheritance conditions
Monitoring remediation of system vulnerabilities discovered by scanning tools


Active CompTIA Security+ or (ISC)2 CISSP certification
At least five (5) years serving as, or supporting, an ISSO or ISSM
Bachelor''s degree or equivalent and at least nine years of security-related experience
Demonstrated experience with information security engineering practices and experience with implementation of NIST security controls
Demonstrated experience with implementation of NIST Risk Management Framework
Strong communication and writing skills
Fluent in all Microsoft Office products (Word, PowerPoint, Excel, Project, Visio)

Broad understanding of security protections typical in enterprise environments, including security hardening, firewalls and input filtering, DiD architectures and boundary/endpoint best practices
Basic understanding of server, workstation, network, database and web technologies
Familiarity with Cyber Security Assessment and Management (CSAM), Splunk, Symantec Endpoint Protection, Tenable Security Center, IBM BigFix and Cisco IDS/IPS tools
Proactive and aggressive, functions with little guidance, but also functions well in team environment
Cybertec, Inc.,
11710 Plaza America Drive
Suite #2000, Reston, VA 20190