697474--Sr. Security Incident Response Engineer --State of IA - HHS--Des Moines IA
Position: ITSA2 Sr. Security Incident Response Engineer
REQ ID: 697474
Client Name: IA-HHS
Job Location: 1305 East Walnut Street, Des Moines IA
Interview type: Either Webcam or In Person
Duration time: 7 Months
Short Description: The Sr. Security Incident Response Engineer, you will perform duties such as review existing architecture to plan, deploy, and aid in enhancing secure solutions to protect HHS data within the environment.
Complete Description:
The Security Incident Response Engineer develops and maintains standard operating procedures (SOPs) and condition the environment according to the security and compliance requirements of HHS and the eligibility system. This person will collaborate with the compliance team to develop security control implementation descriptions to meet compliance requirements. Additionally, monitors, investigates, and responds to threats and cybersecurity incidents in HHS infrastructure. The engineer should be comfortable working independently with guidance from a project manager and amongst a team.
The Sr. Security Incident Response Engineer will:
Review existing security documentation and processes to provide areas of improvement.
Provide investigation and remediation support to mitigate security threats and incidents.
Work with various teams to ensure best practices regarding information security
Responsibilities:
Detect and respond to agency wide security incidents, coordinating cross-functional teams to mitigate and eradicate threats.
Monitor and analyze emerging threats, vulnerabilities, and exploits.
Aid in developing and implementing scalable preventative security measures (detection, monitoring, exploitation)
Develop, execute, and track the performance of security measures to protect information and network infrastructure and Computer systems.
Design computer security strategy and engineer comprehensive cybersecurity architecture.
Identify, define, and document system security requirements and recommend solutions
Desired Background:
Possess a breadth of knowledge and experience across the information security domain, such as endpoint security, identity management, cloud security, detection engineering, vulnerability management, incident response, and threat intelligence.
Hands-on experience investigating security events and incidents across complex and heterogeneous environments, preferably including Microsoft Defender.
Certifications:
Security + Required*
CeH
CISA
CISM
Needed Soft Skills:
Time management skills with the ability to operate under short deadlines
Self-starter with minimal management supervision
Ability to work under pressure and manage fluctuating workloads
Work in a team setting
Ability to gain consensus
Maintain confidentiality
Excellent written and verbal communication skills
Please fill the below Skills Matrix:
Skill | Required / Desired | Amount | Candidate Years of Experience |
Demonstrate experience integrating, deploying, and operating security information & event management (SIEM) systems & security orchestration, | Required | | |
automation, and response (SOAR) systems | 6 Years Required | 6 | Years |
Strong knowledge of security technologies such as full packet capture, SIEM, NGFW, IDPS | 8 Years Required | 8 | Years |
Demonstrated proficiency in MS Office suite | 8 Years Required | 8 | Years |
Experience writing in explanatory and procedural styles for multiple audiences | 5 Years Required | 5 | Years |
Demonstrated proficiency reading and interpreting complex federal and state laws, rules, regulations, and requirements including, (but not limited to) | Required | | |
HIPAA, IRS Publication 1075, CMS MARS-E 2.0, FedRAMP, NIST 800-53 | 2 Years Required | 2 | Years |
Experience effectively communicating technical and nontechnical concepts to a variety of audiences | 5 Years Required | 5 | Years |
Excellent written and verbal communication skills | 5 Years Required | 5 | Years |
Experience working in an environment that is compliant with complex federal and state laws, rules, regulations, and requirements such as, HIPAA, | Desired | | |
IRS Publication 1075, FedRAMP, NIST 800-53 | 2 Years Desired | 2 | Years |
Ability to follow and comply with existing processes and procedures, and propose updates | 5 Years Desired | 5 | Years |
Ability to work with minimal supervision, set priorities, and give attention to detail and quality | 5 Years Desired | 5 | Years |
Demonstrated strong organizational and time-management skills: multitasking, working individually and with a team | 5 Years Desired | 5 | Years |
Experience to analyze Vulnerability reports (Web apps, Network scans, Policy scan, SOC alerts)& recommend a solution for the mitigation or remediation | 5 Years Desired | 5 | Years |
Question 1 | The Contractor must report any disciplinary action, misdemeanor or felony convictions to the State for any temporary IT staff provided. Do you agree to this requirement? |
Question 2 | Absences greater than two weeks MUST be approved by CAI Management in advance, and contact information must be provided to CAI so that a resource can be reached during his or her absence. The client has the right to dismiss the resource if she or he does not return to work by the agreed upon date. Do you accept this requirement? |
Question 3 | This requirement falls under the E-RTR process. The candidate MUST submit their Right to Represent electronically following the process to be considered. Do you accept this requirement? |
Question 4 | Please list candidate's email address. |
Question 5 | PROVIDE CANDIDATES CURRENT PHYSICAL LOCATION [HERE] |
Question 6 | INTERVIEW DATES: Interviews will be conducted on [11/18, and 11/21] only to submit candidates available for interviews on the date(s) provided. |
Question 7 | SHOW YOUR WORK - In the summary of qualifications field under the details tab of the candidate's profile, you should explain why your candidate is the best fit for this position. Please confirm that you have thoroughly validated and attested to the accuracy of the credentials listed throughout this candidate's VectorVMS profile and resume according to Section 5.2.5 of ITS-009440. Do you confirm? Candidates will get rejected if an agency cuts and pastes the candidates' resumes into this field. |
Question 8 | *** SKILL MATRIX is entered on the CANDIDATE SKILLS TAB of VectorVMS ONLY***. Please input the numbers honestly and accurately. |