Chenega Corporation Information Security Compliance Engineer in Huntsville, Alabama

NJVC

Company Job Title:

Information Security Compliance Engineer

Clearance:

Secret

Location:

Huntsville, AL

Reports To:

Program Manager

FLSA Status:

Exempt, Full Time, Regular

Summary:The Information Security Compliance Engineer provides consulting and guidance on network security operations, solutions and architecture internally during the lifecycle of IT systems for threat and vulnerability management. This role will be focused on the implementation, support, and design of our network security operations and technology as it pertains to assessments, network infrastructure, system monitoring, PCI DSS compliance, and regulatory compliance. Documentation, technical leadership and knowledge transfer are key components of this role.

Essential Duties and Responsibilities:(Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position)

  • Assist in the specification, design, and documentation of network security solutions, including operational processes

  • Support security and technology operations to maintain availability and security of deployed systems

  • Support the operation of vulnerability scanning, and perform analysis and prioritization of the results

  • Analyze and correlate security logs generated by IDS/IPS systems, firewalls, network flow/packet capture systems, malware/antivirus systems and other security logging sources

  • Perform security analysis utilizing SIEM technologies

  • Provide support for Security Operations and Incident Response

Non-Essential Duties:Other duties as assigned

Supervisory Responsibilities:NONE

Minimum Qualifications:(To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.)

  • BA/BS combined with 5 years of overall Information Security engineering and technology operations experience

  • Must possess one of the following certifications:

  • CISSP

  • CISM

  • GSLC

  • Operational experience selecting, configuring, implementing, and managing network security technologies and solutions; e.g., firewalls, proxies, WAFs, DLP, IDS/IPS, malware detection, packet capture and analysis tools, etc.

  • Operational experience with security logging, event correlation, and SIEM technologies

  • Operational experience configuring and managing virtual and cloud-based environments

  • Secret Clearance required

Knowledge, Skills and Abilities:

  • Strong knowledge of TCP/IP, the OSI model, DNS, HTTP, VPN, routing and switching, and load balancer technologies for virtual and physical networks

  • Strong knowledge of threats to include common attack vectors, methodologies and payloads/exploits

  • Knowledge of endpoint security technologies; e.g., antivirus, HIPS, FIM, etc.

  • Knowledge of secure configuration management across multiple platforms

  • Knowledge of Information Security program development, and roadmap design aligned to security policies, standards, guidelines, etc.

  • Knowledge of penetration testing methodologies and practices

  • Working knowledge of ITIL including incident, problem, and change management

  • Ability to troubleshoot complex networks

  • Ability to design network security solutions

  • Ability to effectively give, receive, and respond to feedback

  • Strong documentation and communication skills

Diversity:

  • Shows respect and sensitivity for cultural differences; Educates others on the value of diversity; Promotes a harassment-free environment; Builds a diverse workforce.

Ethics:

  • Treats people with respect; Keeps commitments; Inspires the trust of others; Works with integrity and ethically; Upholds organizational values.

Physical Demands:

  • The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

  • While performing the duties of this Job, the employee is regularly required to sit and talk or hear. The employee is frequently required to walk; use hands to finger, handle, or feel and reach with hands and arms. The employee is occasionally required to stand; climb or balance and stoop, kneel, crouch, or crawl. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision.

Work Environment :

  • The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.

  • The employee will normally work in a temperature-controlled office environment, with frequent exposure to electronic office equipment.

  • During visits to areas of operations, may be exposed to extreme cold or hot weather conditions. Is occasionally exposed to fumes or airborne particles, toxic or caustic chemicals, and loud noise.

Chenega Corporation and family of companies is an EOE.

Equal Opportunity Employer Minorities/Women/Veterans/Disabled/Sexual Orientation/Gender Identity

Native preference under PL 93-638.

We participate in the E-Verify Employment Verification Program.

Minimum Qualifications:(To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.)

  • BA/BS combined with 5 years of overall Information Security engineering and technology operations experience

  • Must possess one of the following certifications:

  • CISSP

  • CISM

  • GSLC

  • Operational experience selecting, configuring, implementing, and managing network security technologies and solutions; e.g., firewalls, proxies, WAFs, DLP, IDS/IPS, malware detection, packet capture and analysis tools, etc.

  • Operational experience with security logging, event correlation, and SIEM technologies

  • Operational experience configuring and managing virtual and cloud-based environments

  • Secret Clearance required

Job: General Engineering

Organization: NJVC

Title: Information Security Compliance Engineer

Location: Alabama-Huntsville

Requisition ID: 1700002050