Whatsapp
Posted : Wednesday, September 04, 2024 08:22 PM
Position Title: Cyber Security Engineer
Position Summary:
The Cyber Security Engineer is part of the Acquisition and Property Management (APM) Forms and Publications Orders (FPORDERS) Application Modernization team within the Acquisition and Property Management (APM) portfolio in support of the US Department of Veterans Affairs, Consolidated Corporate Support Services (CCSS) program.
Forms and Publications Orders (FPORDERS) is a legacy mainframe application hosted at a VA data center.
This application is used enterprise-wide by as many as 350-700 end-users (End-user Actors) across 175+ VA locations to requisition items for their locations, including: paper forms, publications, Veteran burial flags, and gun locks (in support of the VA's Suicide Prevention program).
The Office of Procurement, Acquisition and Logistics (OPAL) Service Distribution Center (SDC) uses the application to process and track the requisition requests and uses various system reports to conduct inventory management functions to ensure adequate stock is on hand to fulfill all requests.
The primary role will be to support the migration and integration of complex software systems to the VA’s Enterprise Cloud enclaves (AWS and Azure) including on-premises private cloud infrastructures.
In addition to, designing, developing, and implementing software to address solution modernization requirements.
The Cyber Security Engineer will: Plan, design, develop, and manage the security infrastructure required for deploying secure, scalable and reliable applications, while routinely conducting preventive and adaptive maintenance to increase security, performance, and reliability.
Partner with engineering and product managers to ensure business requirements are supported by corresponding technical requirements and infrastructure.
Implement big visible charts to graphically present key metrics and measures that keep teams focused on what needs their attention and to promote transparency.
Routinely stress test your systems to expose weakness in both infrastructure and applications.
Duties: Deliver in an Agile, Lean, SAFe-based environment utilizing DevSecOps, Agile Release Trains (ARTs), Continuous Integration/Continuous Delivery (CI/CD), and related processes, methodologies, and concepts.
Coordinate and maintain security toolsets to support organizations’ continuous monitoring and ongoing authorization programs, establish a framework by which cyber risk can be measured and quantified in the marketplace.
Conduct in-depth triage, troubleshooting, and forensics across all facets of the cloud stack while executing processes corrective action and continual service improvement.
Perform design and implementation of IT systems that require the integration of diverse and complex components where activities include creating a problem statements, defining operational requirements, integrating with other systems, researching and modeling the system architecture and configuration, investigate alternatives, estimate level of effort, and perform impact analysis.
Support senior management to establish strategic plans and objectives.
Recommend/make decisions on administrative or project work matters and ensures effective achievement of program, project, or organizational objectives.
Work on unusually complex technical problems and provides solutions which are highly innovative and ingenious.
Exercise independent judgment in methods, techniques and evaluation criteria for obtaining results.
Serve as an organization spokesperson on advanced projects and/or programs.
Acts as advisor to management and customers on advanced technical research studies and applications.
Complete collection, development, and delivery of the necessary artifacts to ensure Authority to Operate (ATO) is obtained as required to meet Program Milestones Assess and complete Risk Management Framework (RMF) application, IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support.
Determine security requirements by evaluating business strategies and requirements; researching information security standards conducting system security and vulnerability analyses and risk assessments; studying architecture/platform.
Advise government personnel on compliance to standards and policies.
Recommend courses of action for incident response, as well as oversee design of enterprise systems to ensure alignment with local cybersecurity regulations.
Develop and reviews architectural security designs, security tests, and engineering solutions to ensure compliance to standards and processes.
Requirements: For VA’s Acquisition and Property Management Product Line: Forms and Publications Orders (FP Orders) Application Modernization: Agile project management and team leadership Experience with development, support, and sustainment of the VAEC technologies and services that are targeted for assigned applications including but not limited to VAEC AWS GovCloud, VAEC Azure GovCloud, or other on-premises infrastructure.
Experience in performing upgrades to newer versions/newer technologies that will be required as part of the migration effort, to include utilization of VAEC cloud services, tools, and infrastructure.
VAEC components, tools, architecture, setup, configuration, development, integration, migration, maintenance, sustainment, and support, with emphasis DevSecOps.
Experience with other tools such as API Libraries, CLI, Java, JavaScript, Python/Go, Microservices, Serverless, MLOps, AIOps, Python, Bash shell scripting.
Object-oriented Programming within a delivery team, as well as worked on a DevOps team that supported a set of engineers.
Declarative Infrastructure as Code tools Cloud-based build and deployment pipelines, Infrastructure-as-Code, Kubernetes, Jenkins/CloudBees, Python, Puppet, Terraform, Docker, as well as Enterprise DevOps or similar shared service experience.
Linux/Unix environments and supporting production enterprise applications.
Experience with infrastructure monitoring tools PostgreSQL, 9.
3.
x DBMS Angular Command Line Interface (CLI), 13.
2.
x, Development Tool Red Hat Enterprise Linux (RHEL), 7.
x, Operating System GitLab Community Edition (CE), 13.
7.
x, Middleware: Systems Management Tool Visual Studio Code (VS Code), 1.
x, Middleware: Application and Web Server Software Microsoft Windows Server, 2012, Server Operating System Required Education, Experience, and Clearance: Bachelor’s degree in computer science, Engineering, or Information Technology and five (5) years or more experience, – OR – Master’s and three (3) years or more experience Ability to obtain a VA Position of Public Trust – Medium Background Investigation (MBI)
Forms and Publications Orders (FPORDERS) is a legacy mainframe application hosted at a VA data center.
This application is used enterprise-wide by as many as 350-700 end-users (End-user Actors) across 175+ VA locations to requisition items for their locations, including: paper forms, publications, Veteran burial flags, and gun locks (in support of the VA's Suicide Prevention program).
The Office of Procurement, Acquisition and Logistics (OPAL) Service Distribution Center (SDC) uses the application to process and track the requisition requests and uses various system reports to conduct inventory management functions to ensure adequate stock is on hand to fulfill all requests.
The primary role will be to support the migration and integration of complex software systems to the VA’s Enterprise Cloud enclaves (AWS and Azure) including on-premises private cloud infrastructures.
In addition to, designing, developing, and implementing software to address solution modernization requirements.
The Cyber Security Engineer will: Plan, design, develop, and manage the security infrastructure required for deploying secure, scalable and reliable applications, while routinely conducting preventive and adaptive maintenance to increase security, performance, and reliability.
Partner with engineering and product managers to ensure business requirements are supported by corresponding technical requirements and infrastructure.
Implement big visible charts to graphically present key metrics and measures that keep teams focused on what needs their attention and to promote transparency.
Routinely stress test your systems to expose weakness in both infrastructure and applications.
Duties: Deliver in an Agile, Lean, SAFe-based environment utilizing DevSecOps, Agile Release Trains (ARTs), Continuous Integration/Continuous Delivery (CI/CD), and related processes, methodologies, and concepts.
Coordinate and maintain security toolsets to support organizations’ continuous monitoring and ongoing authorization programs, establish a framework by which cyber risk can be measured and quantified in the marketplace.
Conduct in-depth triage, troubleshooting, and forensics across all facets of the cloud stack while executing processes corrective action and continual service improvement.
Perform design and implementation of IT systems that require the integration of diverse and complex components where activities include creating a problem statements, defining operational requirements, integrating with other systems, researching and modeling the system architecture and configuration, investigate alternatives, estimate level of effort, and perform impact analysis.
Support senior management to establish strategic plans and objectives.
Recommend/make decisions on administrative or project work matters and ensures effective achievement of program, project, or organizational objectives.
Work on unusually complex technical problems and provides solutions which are highly innovative and ingenious.
Exercise independent judgment in methods, techniques and evaluation criteria for obtaining results.
Serve as an organization spokesperson on advanced projects and/or programs.
Acts as advisor to management and customers on advanced technical research studies and applications.
Complete collection, development, and delivery of the necessary artifacts to ensure Authority to Operate (ATO) is obtained as required to meet Program Milestones Assess and complete Risk Management Framework (RMF) application, IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support.
Determine security requirements by evaluating business strategies and requirements; researching information security standards conducting system security and vulnerability analyses and risk assessments; studying architecture/platform.
Advise government personnel on compliance to standards and policies.
Recommend courses of action for incident response, as well as oversee design of enterprise systems to ensure alignment with local cybersecurity regulations.
Develop and reviews architectural security designs, security tests, and engineering solutions to ensure compliance to standards and processes.
Requirements: For VA’s Acquisition and Property Management Product Line: Forms and Publications Orders (FP Orders) Application Modernization: Agile project management and team leadership Experience with development, support, and sustainment of the VAEC technologies and services that are targeted for assigned applications including but not limited to VAEC AWS GovCloud, VAEC Azure GovCloud, or other on-premises infrastructure.
Experience in performing upgrades to newer versions/newer technologies that will be required as part of the migration effort, to include utilization of VAEC cloud services, tools, and infrastructure.
VAEC components, tools, architecture, setup, configuration, development, integration, migration, maintenance, sustainment, and support, with emphasis DevSecOps.
Experience with other tools such as API Libraries, CLI, Java, JavaScript, Python/Go, Microservices, Serverless, MLOps, AIOps, Python, Bash shell scripting.
Object-oriented Programming within a delivery team, as well as worked on a DevOps team that supported a set of engineers.
Declarative Infrastructure as Code tools Cloud-based build and deployment pipelines, Infrastructure-as-Code, Kubernetes, Jenkins/CloudBees, Python, Puppet, Terraform, Docker, as well as Enterprise DevOps or similar shared service experience.
Linux/Unix environments and supporting production enterprise applications.
Experience with infrastructure monitoring tools PostgreSQL, 9.
3.
x DBMS Angular Command Line Interface (CLI), 13.
2.
x, Development Tool Red Hat Enterprise Linux (RHEL), 7.
x, Operating System GitLab Community Edition (CE), 13.
7.
x, Middleware: Systems Management Tool Visual Studio Code (VS Code), 1.
x, Middleware: Application and Web Server Software Microsoft Windows Server, 2012, Server Operating System Required Education, Experience, and Clearance: Bachelor’s degree in computer science, Engineering, or Information Technology and five (5) years or more experience, – OR – Master’s and three (3) years or more experience Ability to obtain a VA Position of Public Trust – Medium Background Investigation (MBI)
• Phone : NA
• Location : Salt Lake City, UT
• Post ID: 9023916448
