Goldbelt CP Marine is looking for an Information Assurance Engineer. This position requires to have strong foundational knowledge of information security and practical experience in security services.

• Provide technical and programmatic Information Assurance Services to internal and external customers in support of network and information security systems.
• Design, develop, and implement security requirements within an organization’s business processes.
• Manage and oversee all aspects of cyber security for onsite systems.
• Identify security risks, threats, and vulnerabilities to systems and networks and implements necessary security measures to nullify those threats.
• Analyze organization's network and systems security measures and updates them as necessary to maintain security compliance.
• Assist in the updating and maintaining of organization's security documentation including policies, standards, and best practices.
• Record incidents and reports them to upper management.
• Ensure the integrity and protection of networks and systems through implementation of secure policies and procedures.
• Educate employees on standards and best practices to mitigate risk of data exposure.

• Knowledge of Federal Information Security Management Act (FISMA) Compliance framework, including ongoing assessment and authorization.
• Knowledge of National Institute of Science and Technology Incident Response methodology.
• Knowledge of Cyber Security Incident Response Process.
• Capability to perform system level forensics with applications such as Encase.
• Ability to operate and maintain Vulnerability Management solutions (e.g., Tenable Nessus, Imperva DB, HCL Web App Scan, Acunetix 360).
• Ability to operate and maintain hardware asset management applications (e.g., Forescout, SolarWinds, or MDE Device Discovery).
• Ability to operate, maintain and process data from different types of vulnerability scanners: Web Application, Database, Host-based, Network Based.
• Ability to analyze and develop assessment reports from data produced by Scanning Tools (e.g., Imperva DB Scanner, Tenable Nessus Scanner, HCl Web app scans, Acunetix 360) .
• Ability to monitor, analyze and report on alerts produced by Security tools (e.g., Network Intrusion Detection Systems (NIDS), Host Intrusion Detection Systems (HIDS), Data Loss Prevention Systems (DLP), Security Information and Event Management system (SIEM)).
• Ability to monitor and analyze alerts generated on Endpoint Detection and Response (EDR) solutions (e.g., Microsoft Defender for Endpoint (MDE)).
• Ability to monitor and process alerts generated by SIEM and SOAR (e.g., Splunk SIEM/SOAR solutions).
• Ability to develop vulnerability assessment reports specific to the Department.
• Familiarity with MS-Office automation products, including MS-Word, MS-Excel, MS-PowerPoint, and MS-Project.
• Familiarity working with Google products including Mail, Sites, Calendar, Spreadsheet, Drive, and Document.

MINIMUM QUALIFICATIONS
• 
  Academic degree in a closely related discipline (e.g., Computer Science, Information Security, Information Assurance, etc.) can be substituted for certain years of experience.
• Minimum of five (5) years of experience of work related.
• Must have a strong background and experience with projects involving information assurance and cybersecurity.

PREFERRED QUALIFICATIONS
• 
  Strong oral and written communication skills.
• Strong interpersonal and leadership skills.
• Ability to influence others and lead small teams.
• Lead initiatives of moderate scope and impact.
• Ability to coordinate several projects simultaneously.
• Effective problem identification and solution skills.
• Proven analytical and organizational ability.