Risk Engineer (Security Assurance) Job at Randstad (東京23区)

Senior Security Assurance Engineer

Microsoft is seeking a Industrial Senior Security Assurance Engineer to support ...

Location

United States , Reston

Salary:

119800.00 - 234700.00 USD / Year

Microsoft Corporation

Expiration Date

Until further notice

Requirements

Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 3+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 4+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
OR equivalent experience
Active U.S. Government Top Secret Clearance with access to Sensitive Compartmented Information (SCI) based on a Single Scope Background Investigation (SSBI) with Polygraph
U.S. citizenship
Ability to pass Microsoft Cloud background check upon hire/transfer and every two years thereafter

Job Responsibility

Execute industrial security operations for assigned classified programs, SCIFs, and secure environments in accordance with NISPOM (32 CFR Part 117) and customer requirements
Maintain SCIF and SAPF accreditation, including Fixed Facility Checklists (FFCs), self inspections, co utilization agreements, and coordination of material changes
Oversee safeguarding practices including access controls, classified storage, visitor management, and security awareness activities
Manage personnel access requests for classified and special access programs
Coordinate clearance and access activities with FSOs, CPSOs, and government security offices
Provide guidance to employees and managers on security responsibilities, reporting obligations, and compliance expectations
Investigate and report security incidents, violations, and infractions in accordance with regulatory and customer requirements
Maintain auditable security documentation and compliance artifacts to support government inspections, reviews, and internal audits
Support inspections and remediation of findings within assigned authority
Partner with Physical Security, HR, Legal, IT, Facilities, and Program teams to resolve operational security issues impacting classified environments

Fulltime

Principal Security Assurance Engineer

The Principal Security Assurance Engineer – Data Governance (USG Cloud) is a sen...

Location

United States , Reston

Salary:

139900.00 - 274800.00 USD / Year

Microsoft Corporation

Expiration Date

Until further notice

Requirements

Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 4+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 6+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
OR equivalent experience
Active U.S. Government Top Secret Clearance with access to Sensitive Compartmented Information (SCI) based on a Single Scope Background Investigation (SSBI) with Polygraph
U.S. citizenship

Job Responsibility

Define and maintain data governance standards, policies, and operating models for USG cloud environments
Establish governance controls covering data classification, ownership, stewardship, lineage, retention, residency, sovereignty, and disposal
Ensure alignment with Microsoft enterprise data governance principles while addressing US specific government and national security requirements
Operationalize data governance controls to support compliance with FedRAMP, DoD SRG, NIST SP 800 53/171, ITAR, CJIS, HIPAA, and classified customer requirements
Partner with legal, compliance, and security teams to translate statutory and contractual requirements into enforceable and auditable governance mechanisms
Support audits, assessments, and ATO activities by providing governance artifacts, evidence, and subject matter expertise

Fulltime

Security Assurance Engineer

Security Governance & Compliance in the office of the dCISO (Deputy Chief Inform...

Location

United States , Redmond

Salary:

100600.00 - 199000.00 USD / Year

Microsoft Corporation

Expiration Date

Until further notice

Requirements

Master's Degree in Engineering, Product/Technical Program Management, Data Analysis, Product Development or related field AND 1+ year(s) experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
OR Bachelor's Degree in Engineering, Product/Technical Program Management, Data Analysis, Product Development, or related field AND 2+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
OR equivalent experience
Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter
Citizenship & Citizenship Verification: This position requires verification of U.S citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local United States government agency customers and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, citizenship will be verified via a valid passport

Job Responsibility

Lead cross-functional and cross-team projects, ensuring timely and within-budget completion
Collaborate with engineering teams to drive technical projects and deliver innovative solutions
Provide security training and develop incident response processes to handle multi-dimensional incidents
Ensure data integrity and compliance with contractual requirements
Communicate effectively with stakeholders, including government agencies, to ensure alignment and compliance with regulations
Identify and mitigate security vulnerabilities and risks through analytical problem-solving and strategic decision-making
Embody our company's Culture and Values

Fulltime

Information Systems Security Engineer 3 (FORECASTED)

The Information Systems Security Engineer (ISSE) conducts and reviews technical ...

Location

United States , Annapolis Junction

Salary:

189000.00 - 260000.00 USD / Year

Columbia Technology Partners

Expiration Date

Until further notice

Requirements

Twenty (20) years as an ISSE on programs of similar scope, type, and complexity
Bachelor's degree in Computer Science, Information Assurance, Information Security System Engineering, or a related discipline
DoD 8570 IASAE Level 3 compliance
Both ISSEP and CISSP certifications
U.S. Citizenship is required for all applicants
DOD 8570 Certification
This position requires an active Security Clearance with appropriate Polygraph

Job Responsibility

Perform or review technical security assessments to identify vulnerabilities and ensure IA compliance
Validate, verify, and define system security requirements and designs
Design, develop, implement, and integrate IA/security systems and components across networked and multi-enclave environments
Embed IA into systems deployed to operational environments
Assist architects and developers with applying appropriate information security functionality
Support the development and maintenance of secure system architectures
Enforce trusted relationships among internal and external systems and architectures
Assess and mitigate security threats and risks throughout the program lifecycle
Contribute to security planning, assessments, risk analysis, and risk management activities
Review Certification and Accreditation (C&A) documentation for completeness and compliance

What we offer

Medical: CTP offers 3 superior plans, bringing our employees both in-network and out-of-network options
Vision + Dental: Both free to you + paid in full by CTP
Retirement: 401k - 6% company contribution
PTO + Leave: A work life balance is extremely important to our team here at CTP, which is why our paid time off plans are so lucrative. Offering customizable leave plans to meet your needs is just one of our many perks! Jury Duty, Bereavement + Military Leave provided
Career Growth: Up to $10,000 provided for approved career-related learning, training, education, and/or tuition
Life and AD&D Insurance/Short-Term & Long-Term Disability: More peace of mind, at zero cost to you
Profit Sharing Bonus: End of year cash gets added to your bottom-line
Referral Bonus Program: Our tiered program provides an incentive with each stage of the hiring process your referral passes. Our bonuses range from $7,000-$20,000, if your referral joins the team

Fulltime

New

Information Systems Security Engineer 3

The Information Systems Security Engineer (ISSE) conducts and reviews technical ...

Location

USA , Annapolis Junction

Salary:

189000.00 - 260000.00 USD / Year

Columbia Technology Partners

Expiration Date

Until further notice

Requirements

Twenty (20) years as an ISSE on programs of similar scope, type, and complexity
Bachelor's degree in Computer Science, Information Assurance, Information Security System Engineering, or a related discipline
DoD 8570 IASAE Level 3 compliance
Both ISSEP and CISSP certifications
Master's degree in a related field may substitute for two (2) years of experience (requires 18 total years)
Four (4) additional years of ISSE experience may substitute for a bachelor's degree
U.S. Citizenship is required for all applicants
Certification Requirements: DOD 8570 Certification
This position requires an active Security Clearance with appropriate Polygraph

Job Responsibility

Perform or review technical security assessments to identify vulnerabilities and ensure IA compliance
Validate, verify, and define system security requirements and designs
Design, develop, implement, and integrate IA/security systems and components across networked and multi-enclave environments
Embed IA into systems deployed to operational environments
Assist architects and developers with applying appropriate information security functionality
Support the development and maintenance of secure system architectures
Enforce trusted relationships among internal and external systems and architectures
Assess and mitigate security threats and risks throughout the program lifecycle
Contribute to security planning, assessments, risk analysis, and risk management activities
Review Certification and Accreditation (C&A) documentation for completeness and compliance

What we offer

Medical: CTP offers 3 superior plans, bringing our employees both in-network and out-of-network options
Vision + Dental: Both free to you + paid in full by CTP
Retirement: 401k - 6% company contribution
PTO + Leave: customizable leave plans
Jury Duty, Bereavement + Military Leave provided
Career Growth: Up to $10,000 provided for approved career-related learning, training, education, and/or tuition
Life and AD&D Insurance/Short-Term & Long-Term Disability: at zero cost to you
Profit Sharing Bonus: End of year cash
Referral Bonus Program: bonuses range from $7,000-$20,000

Fulltime

Information Systems Security Engineer Senior Level

ITC is a Woman Owned Small Business delivering exceptional consultation to the U...

Location

United States , Ft. Meade

Salary:

Not provided

Integrity Technology Consultants

Expiration Date

Until further notice

Requirements

TS/SCI with FSP Polygraph. CI Poly allowed to start.
Twenty (20) years’ experience as an ISSE on programs and contracts of similar scope, type, and complexity is required. Bachelor' s degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline from an accredited college or university is required.
DoD 8570 compliance with IASAE Level 3 is required Both Information Systems Security Engineering Professional (ISSEP) and CISSP Certifications are required.
A Master's degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline may be substituted for two (2) years of experience, reducing the requirement to eighteen (18) years of experience.
Four (4) years of additional ISSE experience may be substituted for a bachelor ' s degree.

Job Responsibility

Assist with the development and maintenance of all necessary C&A documents
Provide coordination, tracking, and management through all aspects of the initial and recurring C&A processes.
Conduct independent assessments of all required security controls including interviews, examinations, and testing and prepare the assessment findings report.
Work with system owners to resolve findings and answer questions.
Perform cybersecurity review and validation services for cybersecurity authorization deliverables and record results.
Support the Risk Management Framework (RMF) process using applicable tools.
Continuous monitoring and plans of action and milestones (POA&M) management.
Assessing systems deployed in Test Infrastructures
Provide analytical, communication and troubleshooting skills that enable proactive and effective collaboration, including the ability to clearly articulate status and present to both customers and program leadership.
Supporting planning and testing for Certification and Accreditation processes and (Secure the Enterprise/Secure the Network (STE/STN), High Value Asset (HVA) requirements for all System security plans

What we offer

401K plan with company contributions (safe harbor and profit sharing)
11 Federal holidays, 21 Days PTO
Medical, Dental, & Vision with substantial company contributions
Company provided Life, LTD and STD Insurance
Health Savings Accounts/ Flexible Spending Accounts
Referral Bonuses
Performance Bonuses
Tuition Assistance for Education, Training, and Professional certifications
Career Development

Fulltime

Satellite Communications System Security Engineer, Mid

Are you seeking an opportunity to enhance your expertise in satellite communicat...

Location

United States , Fort Meade

Salary:

69400.00 - 158000.00 USD / Year

Booz Allen Hamilton

Expiration Date

Until further notice

Requirements

3+ years of experience implementing, testing, and validating STIGs, performing system self‑assessments, and creating STIG checklists
3+ years of experience executing IAVM actions, such as IAVA alerts, bulletins, or tasking orders, and developing compliant engineering responses
3+ years of experience deploying and validating ESS, ACAS, and CMRS, analyzing ACAS scans, developing remediation strategies, and implementing patches and upgrades
3+ years of experience reviewing cybersecurity and engineering change requests to ensure operational availability and compliance
Knowledge of RMF and its application to networks and IT systems, such as Cisco routers, switches, Active Directory, or access control
Ability to manage users in Windows or Linux and administer VMs in VMware or Hyper‑V
Ability to accredit and secure DoD systems using RMF, perform IAVA analysis, document POA&Ms, and prepare security assessment artifacts
Secret clearance
HS diploma or GED
Security+ Certification

Job Responsibility

Develop relationships quickly and easily with other teams, communicating the complexities of security with a wide variety of audiences, including senior management
Implement infrastructure and cybersecurity controls, including enhanced detection and vulnerability capabilities and improved event correlation in large enterprises
Perform risk and vulnerability assessments in network, system, and application areas and leverage big data analytics and traditional security event types to identify advanced threats or indicators of compromise
Participate in the development of test strategies and conduct of testing, validating, and implementing applicable STIG requirements for current or new systems
Conduct periodic self-assessments of systems to ensure STIG compliance and create STIG checklists to support periodic self-assessments
Perform Information Assurance Vulnerability Management (IAVM) activities such as IA vulnerability alerts, bulletins, and tasking orders and develop a systematic approach for responses to IAVM related issues to maintain system compliance

What we offer

Health, life, disability, financial, and retirement benefits
Paid leave
Professional development
Tuition assistance
Work-life programs
Dependent care
Recognition awards program

Fulltime

Satellite Communications Systems Security Engineer, Mid

Are you seeking an opportunity to enhance your expertise in satellite communicat...

Location

United States , Fort Meade

Salary:

69400.00 - 158000.00 USD / Year

Booz Allen Hamilton

Expiration Date

Until further notice

Requirements

3+ years of experience implementing, testing, and validating STIGs, performing system self‑assessments, and creating STIG checklists
3+ years of experience executing IAVM actions, including IAVA alerts, bulletins, and tasking orders, and developing compliant engineering responses
3+ years of experience deploying and validating ESS, ACAS, and CMRS, analyzing ACAS scans, developing remediation strategies, and implementing patches and upgrades
3+ years of experience reviewing cybersecurity and engineering change requests to ensure operational availability and compliance
Knowledge of RMF and its application to networks and IT systems, including Cisco routers, switches, Active Directory, and access control
Ability to manage users in Windows and Linux and administer VMs in VMware or Hyper‑V
Ability to accredit and secure DoD systems using RMF, perform IAVA analysis, document POA&Ms, and prepare security assessment artifacts
Secret clearance
HS diploma or GED
Security+ Certification

Job Responsibility

Develop relationships quickly and easily with other teams, communicating the complexities of security with a wide variety of audiences, including senior management
Implement infrastructure and cybersecurity controls, including enhanced detection and vulnerability capabilities and improved event correlation in large enterprises
Perform risk and vulnerability assessments in network, system, and application areas
Leverage big data analytics and traditional security event types to identify advanced threats
Participate in the development of test strategies and conduct of testing, validating, and implementing applicable STIG requirements for current or new systems
Conduct periodic self-assessments of systems to ensure STIG compliance
Create STIG checklists to support periodic self-assessments
Perform Information Assurance Vulnerability Management (IAVM) activities, such as IA vulnerability alerts, bulletins, and tasking orders
Develop a systematic approach for responses to IAVM-related issues, to maintain system compliance

What we offer

Health, life, disability, financial, and retirement benefits
Paid leave
Professional development
Tuition assistance
Work-life programs
Dependent care

Fulltime

Select Country

Risk Engineer (Security Assurance)

Job Description

Requirements

Nice to have

What we offer

Looking for more opportunities?