About WSP | Parsons Brinckerhoff|
WSP | Parsons Brinckerhoff, one of the world's leading engineering and professional services consulting firms, provides services designed to transform the built environment and restore the natural one. The firm's expertise ranges from environmental remediation and urban planning, to engineering iconic buildings and designing sustainable transport networks, to developing the energy sources of the future and enabling new ways of extracting essential resources. Approximately 34,000 employees, including engineers, technicians, scientists, architects, planners, surveyors, program and construction management professionals, as well as various environmental experts, work for this dynamic organization in more than 500 offices across 40 countries worldwide. NA
We have an immediate opportunity for a systems engineer to lead and manage the implementation of security best practices, located at our Denver, CO regional office. The successful candidate will join a team of innovative professionals in delivering projects and services to clients outside of WSP | Parsons Brinckerhoff through the use of cloud technologies in the role of Systems & Security Manager. The job responsibilities and success factors are as follows:
• Guide Stakeholders in practical implementation of policies and procedures to adhere to FISMA/NIST 800-53 guidelines.
• Ensuring that Stakeholders adhere to policies and procedures to acquire and maintain an Information System's Authority to Operate (ATO) under The Federal Information Security Management Act (FISMA) of 2002 following NIST 800-53 guidelines and NIST 800-53a security controls assessment practices.
• Guide systems engineering design and development toward a "baked-in" security design using Information Assurance best practices as well as FBI-specific policies and guidelines.
• Guide engineering development for the security design using IA enabled products.
• Maintain up-to-date documents such as procedures, work instructions, plans and manuals.
• Travel to other offices for meetings and assignments.
The Skills and Experience
• Bachelor's degree in CS, IT, or a closely related subject and at least fifteen years of experience overall.
• Very knowledgeable of FISMA, NIST, previous C&A experience, continuous monitoring experience, vulnerability management, scanning, risk management, project management, proficient with Microsoft products - Word, Excel, PowerPoint.
• Proficient with vulnerability and scanning tools and well-versed in interpreting risk posture resulting from assessment reports. Experience in project management and tracking, and the Microsoft suite of office products.
• Solid technical foundation as well practical and programmatic overall security experience.
• One of the following certifications: CISSP, CISM, CAP or GSLC.
• The ability to work in the United States immediately.
EOE / Veteran / Disability / Gender (M-F) / Gender Identity / Sexual Orientation
• FISMA, NIST, and/or C&A experiences
• Risk assessment experience, especially with NIST 800-503 Threat identification, system security categorization, gap analysis, compliance reporting
• Security analysis experience, especially trend analysis, incident response, encryption
• Security assessment experience doing vulnerability scanning, penetration testing, system hardening, system integration, packet sniffing
• Software development experience a plus given the unit supporting (to aid in categorizing and analyzing risks associated with custom software)
• Develop, track, create and manage POA&Ms
• Able to handle site accreditation
• Operational security experience a definite plus
• Security plan knowledge and creation experience a definite plus
• Knowledge of and experience with quality assurance and continuous monitoring
• contribute to the accuracy and efficiency of analysis operations through technical innovation, procedural refinement, training of analysts and analyst oversight
• Accountable for the real-time analysis, commentary and handling of security events
• Demonstrate the analysis system and analyst capabilities