




Job Type
Full-timeDescription
Abacus Solutions Group:
We're built on our shared core values! We are difference-makers, passionate about serving, we work hard with integrity and do the right thing. Difference makers means that we look at every opportunity as a chance to make a difference. Passionate about serving means that we are always looking for ways to serve our customers and coworkers. Working hard and doing the right thing with integrity means that for every decision we make we 1st ask, "Is the decision consistent with our moral and ethical principles". We hire, review, reward and recognize our teammates based on these characteristics, so it is important that you share these values to be part of the team.
Position Overview:
We are seeking a highly skilled Sr. System Security Engineer to join our team in Brunswick, GA. The ideal candidate will support the Server and Network Teams in tracking, documenting, planning solutions for, remediating, or requesting waivers for vulnerabilities and threats. This role involves working closely with ISSOs and CISO to provide status and progress reports for enterprise device, application, and operating system vulnerabilities.
Work Environment: This position may require occasional travel and the ability to work in a fast-paced, dynamic environment. The candidate must be able to work collaboratively with various teams and stakeholders to ensure the security and integrity of the enterprise IT infrastructure.
Key Responsibilities:
- Responsible for all enterprise IT infrastructure devices and software, review and guide testing / implementation of IT security guidance from government, including:
- System Security Authorizations
- System Test and Evaluations
- Security Policies
- Hardening Guidelines
- NIST
- DOD STIGs
- Guidance from FLETC ISSOs or CISO
- Monitor audit logs in accordance with government policies and procedures.
- Guide and track security hardening of all hardware and software. Prepare configuration baseline documentation for customer approval.
- Verify installation of all required security patches, operating system, and firmware upgrades.
- Review and advise on backup and recovery procedures for the enterprise IT infrastructure.
- Assist in developing, testing, and implementing Continuity of Operations Plans (COOP), contingency plans, and System Security Plans (SSP).
- Assist in systems' Security Authorization testing.
- Assist in resolving security event notifications for hardware and software.
- Review vulnerabilities and configuration management deficiencies identified during scans, work with server and network teams to remediate, and provide monthly reports of all corrective actions or exceptions.
- Maintain 100% compliance with all applicable Information Security laws, regulations, and policies.
- Advise on enterprise IT infrastructure security using the latest on-premise and/or cloud-based network, server, storage, and client security principles, techniques, and protocols.
- Utilize network, server, storage, and client security technologies, monitoring tools, and applications to ensure optimal information and system integrity, confidentiality, and availability.
- Review configurations of on-premise and/or cloud-based enterprise IT security devices, including firewalls, router/switch configurations, and network monitoring tools.
- Verify security of enterprise server and storage infrastructure with anti-virus, authentication systems, log management, content filtering, server and storage monitoring tools, and database/operating systems security.
- Provide recommendations for enterprise server and storage infrastructure security enhancements.
- Accurately write and/or orally present comprehensive reports of enterprise IT infrastructure security proposals, designs, analysis, findings, and recommendations.
- Ensure that any software residing on a server and hosted on-premise is patched and updated as required.
Requirements
- At least 5 years of proven experience in IT security, particularly in enterprise environments.
- Strong knowledge of government IT security guidance, policies, and procedures.
- Expertise in security hardening, patch management, and vulnerability remediation.
- Experience with backup and recovery procedures, COOP, contingency plans, and SSP.
- Proficiency in securing on-premise and cloud-based IT infrastructure.
- Ability to identify and resolve security incidents and event notifications.
- Excellent written and oral communication skills for reporting and presenting security analysis and recommendations.
- Strong understanding of compliance with Information Security laws, regulations, and policies.
Preferred Certifications:
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- CEH (Certified Ethical Hacker)
- CompTIA Security+
Security Qualifications:
- No security clearance required; Secret Clearance Preferred
- Must be a US Citizen
- Must pass a Federal Law Enforcement Background Investigation
All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.