Security Assessment Engineer

·
Full time
Location: Richmond
·
Job offered by: Stefanini, Inc
·
Category: IT & Technology
Join us to co-create solutions for a better future! Job Details Information Technology

Security Assessment Engineer

Richmond, VA

Posted: 11/12/2024

Job ID#: 59000

Job Category: Information Technology

Position Type: Contract

Duration: Long Term

Stefanini Group is hiring!

Stefanini is looking for a Security Assessment Engineer for 100% Remote work.

For quick Apply, please reach out to Ayush Dwivedi - call: 248 728 2636 / email:

ayush.dwivedi@stefanini.com

Open to W2 Candidates only! US Citizens!

We are seeking a skilled Security Assessment Engineer to join our team. The ideal candidate will be instrumental in supporting the adoption of DevSecOps principles and automating assessment services to ensure continuous authorization to operate within our organization. This is a unique position that must be able to flex between security engineering, security control automation, development, and assessor roles in a NIST based risk management environment.

The candidate must possess skills that include experience with:

Test design, performance testing, test architecture, configuration management, troubleshooting.

Excellent verbal and written communication skills both horizontally and vertically.

Performing manual testing with agility and interaction.

Proficient in continuous delivery, Agile, and DevOps.

Key Responsibilities:

Support DevSecOps initiatives by developing and implementing test-driven security within a CI/CD pipeline.

Create automation to support the NIST Risk Management Framework (SP800-37, SP800-53/53a).

Develop and track Plan of Action and Milestones (POA&Ms) to address identified security vulnerabilities and compliance gaps.

Able to document clear and repeatable processes and train others to perform automated assessment reviews.

Develop and implement security assessment automation tools to support DevSecOps practices.

Collaborate with development teams to integrate security assurance into the CI/CD pipeline.

Conduct security assessments and risk analyses on new and existing software.

Provide Subject Matter Expertise in the creation of security policies and standards.

Develop and document procedures specific to the role.

Work closely with compliance teams to ensure continuous monitoring and authorization.

Assist in developing security training and awareness for technical staff.

Stay current with evolving security landscape, industry trends, tools, and best practices.

Job Requirements Details:

Bachelor's degree in Computer Science, Information Security, or a related field (preferred).

Proven experience with security assessment tools and methodologies.

Experience with a wide range of programming languages, automation tools, and scripting languages (e.g., Python, Ruby, Go, Bash/Shell, JavaScript/Node.js, Groovy, YAML/JSON, PowerShell, Java, Terraform).

Understanding languages in the context of various DevSecOps tools and platforms like Docker, Kubernetes, Ansible, Chef, Puppet, Jenkins, GitLab CI, and cloud service providers (AWS, Azure, GCP).

Experience with Policy as Code and Compliance as Code.

Knowledge of compliance frameworks and continuous authorization processes.

Prefer NIST SP800-37, SP800-53/53a.

Excellent communication skills and the ability to work collaboratively.

Operational vulnerability analysis.

Deep understanding of Dev/Sec/Ops processes and testing.

Preferred Qualifications:

Certifications such as GCSA, CISSP, CEH, or OSCP.

Experience in a policy and assurance or quasi-governmental environment.

Familiarity with cloud service providers and associated security challenges.

Listed salary ranges may vary based on experience, qualifications, and local market. Also, some positions may include bonuses or other incentives.

About Stefanini Group:

The Stefanini Group is a global provider of offshore, onshore, and near-shore outsourcing, IT digital consulting, systems integration, application, and strategic staffing services to Fortune 1000 enterprises around the world. Our presence is in countries like the Americas, Europe, Africa, and Asia, and more than four hundred clients across a broad spectrum of markets, including financial services, manufacturing, telecommunications, chemical services, technology, public sector, and utilities. Stefanini is a CMM level 5, IT consulting company with a global presence.

Pay Range: $70.00 - $84.00

#J-18808-Ljbffr

Recent Jobs

London (On site) · Full time

Are you a smart, driven professional who takes pride in making a difference in local communities? Turner & Townsend’s Real Estate division is experiencing significant growth and we’re looking for an experienced industry professional with health project experience to join our high-performing and collaborative Project Management team. Why Join Us? Impactful Work: Contribute to social [...]Read More... from Assistant Project Manager – Healthcare See details

Chasetown (On site) · Full time

My client, Autosmart International are a manufacturing success story! Site Operations Manager – leading fast-paced manufacturing and warehousing About Our Client Autosmart International is a manufacturing success story, leading the field in vehicle cleaning products. We are the No.1 choice of automotive trade customers across the UK. We have doubled in size in the last [...]Read More... from Site Operations Manager See details

London (On site) · Full time

CSS are looking for an experienced duty officer to join our client’s team who are a local council responsible for all areas within the Tendering district. Working hours: All shifts are 8 hours long with various start times available: Monday to Friday – start times between 6AM – 3PM Saturday & Sunday – 6AM – [...]Read More... from Duty Officer See details