Candidates must possess a minimum TS/SCI in order to be considered. 

IOMAXIS is seeking a senior System Security Engineer, who enjoys security work and possesses both deep and wide expertise in the security space. You will work as part of dynamic team keeping computer systems and network devices hardened against attacks and securing information systems. Qualified candidates will have a background in security and systems engineering. This is a full-time, onsite, day role, supporting operations in Lorton, VA.

What You Will Be Doing

• Engineer, implement and monitor security measures for the protection of computer systems and networks
• Work closely with the ISSO, systems and network engineering teams to maintain architecture security posture
• Work with systems and network engineering teams to build asset repositories and asset scan policies
• Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
• Implement tools to assist in detection, prevention and analysis of security threats
• Implement a comprehensive scanning strategy to identify vulnerabilities and confirm remediation
• Working with and configuration of a variety of security centric tools such as Anti-Virus, IDS/IPS, SIEM technologies.
• Automate security testing
• Provide certification and accreditation support and RMF based continuous monitoring support
• Configure and execute Nessus vulnerability and compliance scans
• Ensure traceability of all vulnerabilities from raw assessment results to a system POA&M
• Conduct vulnerability analysis to support mitigation and residual risk determination
• Provide guidance and recommendations for continuous monitoring technologies, leveraging current available technologies and recommending solutions to address gaps

Required Experience

• Minimum of 6 years of related experience
• Proven work experience as a system security engineer or information security engineer
• Experience in Windows and Linux operating system environments and scripting skills
• Familiarity with network specific security toolsets, Suricata, iptables, Zeek, etc..
• Experience working with DISA Security Technical Implementation Guides (STIGs)
• Experience building and executing Nessus scans
• Experience working with Tenable’s Security Center
• Possess working knowledge of the DoD CS policy requirements set forth in DoDI 8500.01, “Cybersecurity,” and DoDI 8510.01, “Risk Management Framework (RMF) for DoD Information Technology”
• Thorough understanding of the latest security principles, techniques, and protocols
• Strong organizational skills and an ability to stay focused while managing multiple tasks concurrently
• Problem solving skills and ability to work under pressure
• Detailed oriented

Clearance

• Top Secret/Sensitive Compartmented Information (TS/SCI) clearance required

All your information will be kept confidential according to EEO guidelines.

#CJ

As an Equal Opportunity Employer we consider all qualified applicants for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, disability or protected veteran status.