Security Lead - ServiceNow (343)

Security Lead - ServiceNow (343) at iTech AG Security Lead - ServiceNow (343) at iTech AG in Arlington, Virginia Posted in 8 days ago.

Type:

Full-Time Job Description:

OVERVIEW

iTech AG is seeking a Information Security Engineer to support a federal contract. As an Information Security Engineer you will be responsible for supporting an Agile team to develop and operate a PaaS system on behalf of a Federal agency and working with Federal security staff to maintain Authority to Operate (ATOs) for that system.

ROLES AND RESPONSIBILITIES

Support security efforts related to data and IT security for a Federal system supported by iTech AG to comply with all applicable Federal Government rules and regulations, and IT security standards (FedRAMP, NIST, FISMA, FISCAM, etc.) Monitor adherence to these information security rules, standards and procedures through security governance, risk management and continuous monitoring programs. Assess security impacts on system modifications and technological advances. Review infrastructure, systems and applications in order to identify potential security weaknesses and vulnerabilities, recommends improvements, develops and implements remediation plans and documents upgrades. Manage SDLC security requirements on new or enhanced systems, applications and infrastructure changes with robust security testing to identify and remediate security vulnerabilities and weaknesses. Ensure that all information systems are functional and secure in order to protect information and prevent unauthorized access. Ensure all SA&A artifacts are complete, updated and reviewed annually. Ensures all monthly reporting is accurate and ensures proper monthly reporting. Create and update Security Impact Assessments based on new product and product updates Continuously monitor and refine ServiceNow Security Center and provide biweekly updates to Federal customers Other duties as assigned

MINIMUM QUALIFICATIONS

4+ years of experience supporting active Federal information security Certification and Accreditation (C&A), Continuous Monitoring, and Risk Management Framework. 4+ years of experience with NIST SP 800-37, Rev 1.0, NIST

SP 800-53, NIST SP

800-137 and FedRAMP requirements and providing guidance to project teams on those guidelines and regulations. 4+ years of experience producing information security documentation such as Systems Security Plans and developing and maintaining documentation outlining system operating environments (overall mission, floor layout, hardware configuration, software, type of information processed, user organizations and security clearances, operating mode, interconnections to other systems/networks of users, their security personnel, and associated responsibilities) for systems which they are responsible. Experience developing and revising system-specific security safeguards and local operating procedures that are based on relevant guidelines and regulations. Experience developing, supporting and providing security incident reports, equipment/software inventories, operating instructions, technical vulnerability reports, contingency plans and reports. Experience briefing technical vulnerabilities, system non-compliance with Information Security policies, and security incidents to project teams.

EDUCATION AND CERTIFICATIONS

Bachelor's degree in computer science, Management, Information Systems, or related discipline or equivalent combination of education and experience

PREFERRED QUALIFICATIONS

Active Certified Information Security Manager (CISM) Active Certified Information Systems Security Professional (CISSP) Active Certified Information Systems Auditor (CISA) Experience utilizing ServiceNow Security Center

SECURITY CLEARANCE

Pursuant to government contracts, US Citizenship is required Ability to obtain and maintain a public trust. iTech AG is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, genetic information, disability, protected veteran status, or any other characteristics protected by applicable federal, state, or local laws. iTech AG is committed to working with and providing reasonable accommodations to individuals with disabilities. Individuals with a disability who would like to request an accommodation for any part of our employment process should email their request to reasonableaccommodations@itechag.com. Please address the subject line as Accommodation Request and include your name, contact information, and a description of your accommodation request.