Posted today
Top Secret/SCI
Unspecified
IT - Security
Washington, DC (Off-Site/Hybrid)
Eiden Systems Consulting is seeking an experienced Information Assurance (IA) Engineer to lead in securing mission-critical embedded systems and network architectures. In this role you would be responsible for technical assessments using Nessus, STIG and SCAP tools, directly remediating vulnerabilities while balancing system operability. A successful candidate will also have experience in charting DOD IA requirements into system design changes, managing POAMS, and help pave the way for successful IATT and ATO milestones.
The ideal candidate will serve as the serve as primary security liaison between engineering, PM’s and USG representatives, translating technical risks into plain English for non-technical stakeholders while providing technical guidance to developers.
Key Responsibilities:
• Conduct automated and manual security assessments using Tenable Nessus, STIG Viewer, and SCAP Compliance Checker (SCC) across embedded hardware, firmware, and network infrastructures.
• Analyze scan results to develop and implement remediation scripts or configuration changes. Balance high-security postures with the unique operational constraints of deployed systems
• Author and manage Plans of Action and Milestones (POAMs) for vulnerabilities that cannot be immediately remediate, ensuring clear paths to resolution and documented risk acceptance.
• Review system architecture diagrams and design documents to provide technical IA guidance, ensuring security is baked into the System Development Life Cycle (SDLC) rather than bolted on at the end.
• Generate and maintain the body of evidence required for Interim Authority to Test (IATT) and Authority to Operate (ATO) packages under the RMF.
Required Qualifications:
• 5-10 years working a technical role in the RMF framework committing to duties such as:
o Performing automated and annual security audits using Nessus, STIG viewer and SCC
o Direct experience implementing security patches and configuration changes while ensuring functional operability
o Managing the RMF process, including the drafting of remediation plans
• Competency in Bash, Powershell, and Python to execute security hardening.
• Working knowledge of NIST 800-53
• Certification: Must meet DoD 8570.01-M requirements / IAT Level II or III (Security+, CySA+, CISSP, etc)
• Clearance: TS with SCI Eligibility
Preferred Qualifications:
• Proficiency in PowerShell, Bash, or Python to automate the deployment of security configurations and speed up the remediation cycle.
• Understanding Layer 2/3 security, including port security, VLAN tagging, and firewall rule-set optimization.
• Experience with Hardware in the loop testing environments
• Assist in establishing a continuous monitoring strategy to maintain the system's security posture post-ATO.
ESC offers a competitive compensation package that includes premium health, dental, and vision insurance, a 401(k) plan with company match, life insurance, short- and long-term disability coverage, and more. We also prioritize work-life balance, supporting our team in maintaining a healthy blend of professional and personal well-being.
PAY TRANSPARENCY NONDISCRIMINATION PROVISION
Eiden Systems Corporation (ESC) is an equal opportunity employer and is committed to creating an inclusive and respectful workplace. ESC does not discriminate against any employee or applicant based on age, color, disability, gender, national origin, race, religion, sexual orientation, veteran status, or any other classification protected by federal, state, or local law.
In accordance with 41 CFR 60-1.35(c), ESC will not discharge or otherwise discriminate against employees or applicants for discussing, disclosing, or inquiring about their own pay or the pay of another employee or applicant. However, employees who have access to compensation information as part of their essential job functions may not disclose the pay of others to individuals who do not have authorized access—unless such disclosure is made (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or legal action (including those conducted by ESC), or (c) as otherwise required by law.
NO THIRD PARTIES
The ideal candidate will serve as the serve as primary security liaison between engineering, PM’s and USG representatives, translating technical risks into plain English for non-technical stakeholders while providing technical guidance to developers.
Key Responsibilities:
• Conduct automated and manual security assessments using Tenable Nessus, STIG Viewer, and SCAP Compliance Checker (SCC) across embedded hardware, firmware, and network infrastructures.
• Analyze scan results to develop and implement remediation scripts or configuration changes. Balance high-security postures with the unique operational constraints of deployed systems
• Author and manage Plans of Action and Milestones (POAMs) for vulnerabilities that cannot be immediately remediate, ensuring clear paths to resolution and documented risk acceptance.
• Review system architecture diagrams and design documents to provide technical IA guidance, ensuring security is baked into the System Development Life Cycle (SDLC) rather than bolted on at the end.
• Generate and maintain the body of evidence required for Interim Authority to Test (IATT) and Authority to Operate (ATO) packages under the RMF.
Required Qualifications:
• 5-10 years working a technical role in the RMF framework committing to duties such as:
o Performing automated and annual security audits using Nessus, STIG viewer and SCC
o Direct experience implementing security patches and configuration changes while ensuring functional operability
o Managing the RMF process, including the drafting of remediation plans
• Competency in Bash, Powershell, and Python to execute security hardening.
• Working knowledge of NIST 800-53
• Certification: Must meet DoD 8570.01-M requirements / IAT Level II or III (Security+, CySA+, CISSP, etc)
• Clearance: TS with SCI Eligibility
Preferred Qualifications:
• Proficiency in PowerShell, Bash, or Python to automate the deployment of security configurations and speed up the remediation cycle.
• Understanding Layer 2/3 security, including port security, VLAN tagging, and firewall rule-set optimization.
• Experience with Hardware in the loop testing environments
• Assist in establishing a continuous monitoring strategy to maintain the system's security posture post-ATO.
ESC offers a competitive compensation package that includes premium health, dental, and vision insurance, a 401(k) plan with company match, life insurance, short- and long-term disability coverage, and more. We also prioritize work-life balance, supporting our team in maintaining a healthy blend of professional and personal well-being.
PAY TRANSPARENCY NONDISCRIMINATION PROVISION
Eiden Systems Corporation (ESC) is an equal opportunity employer and is committed to creating an inclusive and respectful workplace. ESC does not discriminate against any employee or applicant based on age, color, disability, gender, national origin, race, religion, sexual orientation, veteran status, or any other classification protected by federal, state, or local law.
In accordance with 41 CFR 60-1.35(c), ESC will not discharge or otherwise discriminate against employees or applicants for discussing, disclosing, or inquiring about their own pay or the pay of another employee or applicant. However, employees who have access to compensation information as part of their essential job functions may not disclose the pay of others to individuals who do not have authorized access—unless such disclosure is made (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or legal action (including those conducted by ESC), or (c) as otherwise required by law.
NO THIRD PARTIES
group id: eidensys
