Security Lead - ServiceNow (374)

iTech AG

$100K — $130K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 4+ years in Federal information security certification and accreditation, continuous monitoring, and risk management framework.
  • Proficient in NIST SP 800-37, NIST SP 800-53, NIST SP 800-137, and FedRAMP compliance guidelines.
  • Experience in creating security documentation and system operating environment outlines.
  • Skilled in developing security safeguards and local operating procedures.
  • Experienced in preparing security incident reports and conducting technical vulnerability assessments.

Responsibilities

  • Support federal compliance with IT security standards including FedRAMP, NIST, and FISMA.
  • Monitor adherence to information security rules and engage in risk management.
  • Assess security impacts for system modifications and technological advancements.
  • Review systems to identify vulnerabilities and recommend improvements.
  • Manage SDLC security requirements and ensure rigorous testing for vulnerabilities.
  • Ensure the functional and secure operation of information systems against unauthorized access.
  • Maintain and update Security Authorization artifacts and ensure accurate monthly reporting.

Benefits

  • Opportunities for professional development and certifications.
  • Collaborative Agile team environment.
  • Engagement in meaningful projects with federal agencies.
  • Supportive of work-life balance initiatives.
Full Job Description
Description

OVERVIEW

iTech AG is seeking a Information Security Engineer to support a federal contract. As an Information Security Engineer you will be responsible for supporting an Agile team to develop and operate a PaaS system on behalf of a Federal agency and working with Federal security staff to maintain Authority to Operate (ATOs) for that system.

ROLES AND RESPONSIBILITIES
  • Support security efforts related to data and IT security for a Federal system supported by iTech AG to comply with all applicable Federal Government rules and regulations, and IT security standards (FedRAMP, NIST, FISMA, FISCAM, etc.)
  • Monitor adherence to these information security rules, standards and procedures through security governance, risk management and continuous monitoring programs.
  • Assess security impacts on system modifications and technological advances.
  • Review infrastructure, systems and applications in order to identify potential security weaknesses and vulnerabilities, recommends improvements, develops and implements remediation plans and documents upgrades.
  • Manage SDLC security requirements on new or enhanced systems, applications and infrastructure changes with robust security testing to identify and remediate security vulnerabilities and weaknesses.
  • Ensure that all information systems are functional and secure in order to protect information and prevent unauthorized access.
  • Ensure all SA&A artifacts are complete, updated and reviewed annually. Ensures all monthly reporting is accurate and ensures proper monthly reporting.
  • Create and update Security Impact Assessments based on new product and product updates
  • Continuously monitor and refine ServiceNow Security Center and provide biweekly updates to Federal customers
  • Other duties as assigned

MINIMUM QUALIFICATIONS
  • 4+ years of experience supporting active Federal information security Certification and Accreditation (C&A), Continuous Monitoring, and Risk Management Framework.
  • 4+ years of experience with NIST SP 800-37, Rev 1.0, NIST SP 800-53, NIST SP 800-137 and FedRAMP requirements and providing guidance to project teams on those guidelines and regulations.
  • 4+ years of experience producing information security documentation such as Systems Security Plans and developing and maintaining documentation outlining system operating environments (overall mission, floor layout, hardware configuration, software, type of information processed, user organizations and security clearances, operating mode, interconnections to other systems/networks of users, their security personnel, and associated responsibilities) for systems which they are responsible.
  • Experience developing and revising system-specific security safeguards and local operating procedures that are based on relevant guidelines and regulations.
  • Experience developing, supporting and providing security incident reports, equipment/software inventories, operating instructions, technical vulnerability reports, contingency plans and reports.
  • Experience briefing technical vulnerabilities, system non-compliance with Information Security policies, and security incidents to project teams.

EDUCATION AND CERTIFICATIONS
  • Bachelor's degree in computer science, Management, Information Systems, or related discipline or equivalent combination of education and experience

PREFERRED QUALIFICATIONS
  • Active Certified Information Security Manager (CISM)
  • Active Certified Information Systems Security Professional (CISSP)
  • Active Certified Information Systems Auditor (CISA)
  • Experience utilizing ServiceNow Security Center

SECURITY CLEARANCE
  • Pursuant to government contracts, US Citizenship is required
  • Ability to obtain and maintain a public trust.

Similar Jobs

More Jobs at iTech AG

More Information Technology Jobs

Find similar Security Lead - ServiceNow (374) jobs: