Cyber Security Engineer - Certification
Redmond, Washington | Direct Hire
Position Title: Cyber Security Engineer - Certification
Position Description: Protingent Staffing has an exciting opportunity with our client in Redmond, WA.
This is an exciting opportunity to be in a position to take the lead role in efforts to deliver, develop and grow the client’ s portfolio across the Cyber Services market; providing technical guidance as the subject matter expert to the Group in all things cyber security including analysis; product testing information; compliance and maintenance recommendations; technical reviews and independent checks.
This role’ s primary focus will center around the overseeing responsibility for reviewing, testing, and reporting on the implementation of cyber security controls for the client’ s products and system. The ideal candidate will have a background in security risk management and quantification experience. This role will take the lead for participation in audits of Security Development Life Cycle (SDLC) and conduct security control assessments in accordance with cybersecurity standards or frameworks including development of security assessment plans and assessment.
- Empower results for our client' s customers by introducing innovative and effective risk management and security solutions
- Provide support to projects during the development phases
- Operate as a technical subject matter expert and mentor cross functional teams regarding integration with multiple cyber security technologies
- Lead and also participate in audits of Security Development Lifecycle including development of security assessment plans and assessment
- Perform mentoring duties to more junior staff, i.e. Lab Tech’ s, Certifier Levels I, II & III reviewing evaluations, findings letters, client communication (where appropriate) and acceptance of project work as a mentor
- Run and complete the vulnerability and CRT tests with the end result of providing the client with a report and which includes the audit results
- Ensure completion of projects within established deadlines to meet or exceed client expectations.
- Determine applicable requirements/test/Standard, sample requirements and method/location for testing and evaluation to best suit the client’ s needs
- Evaluate product design/construction, formulates test plans and analyzes test data to determine compliance with applicable company' s and other national or international Standards, frameworks and requirements
- Interface with clients, Certification staff from other certification groups, and other team members, including lab personnel, on any Certification related activities
- Prepare work orders for the test program for the lab. Work in collaboration with fully qualified Certifier or mentor to determine applicable tests, and collaborates with lab personnel
- Bachelor’ s Degree in Electrical Engineering, Computer Engineering, Computer Science or Equivalent science or engineering degree with minimum 8 years of work experience
- Minimum of 4 years of detailed system level product development involvement in system level product development, systems integration and system level product Test is required. Ideal in IACS (industrial automation and control system) specifically but a similar in-house proprietary framework that provides assurance and audit capabilities necessary for a secure product /software development life cycle would be of interest.
- IACS or minimum of 4 years of systems integration experience for IACS OR similar framework.
- Minimum 6 years system level product Test of IACS or similar framework; this experience level includes 2 years with software security-related responsibilities and 2 years involvement with networking technologies
- Minimum 1 year of experience performing software process audit OR 2 years in position in which software process has been audited on 3 or more products
- Hands on work experience with:
- Performing compliance and risk assessment audit
- Internal and external auditors
- At least one of regulatory standards or frameworks, such as: NIST SP 800-53, NIST Cyber Security Framework, IEC 62443, UL 2900, FISMA, SOX, HIPAA / HITRUST, ISO 27001, Common Criteria, COSO, COBIT, CLASP, DO-178B, IEC 61508, ISO/IEC 15408-3, Microsoft Security Development Lifecycle
- Professional certification CISA, CISSP, GICSP or equivalent
- Experienced knowledge level of at least two different IACS or similar framework AND general knowledge of application of IACS or similar framework and roles and duties of employees at sites using IACS or similar framework AND Moderate level knowledge of networking and communication protocols AND Able to independently read and interpret requirement specifications for IACS products or similar framework AND Able to independently read and understand user installation and configuration documents for IACS products or similar framework AND Knowledge of methods used to protect communications and detect / prevent communication attacks
- Strong interpersonal skills and proven track record in establishing and sustaining close working relationships with functional teams and subject matter experts as well as IT technical, development, and support personnel
- Understanding and working knowledge of information security data and processes
- Highly motivated, self-starting individual, and able to multi-task and manage to timelines
About Protingent: Protingent is a niche provider of top Engineering and IT talent to Software, Electronics, Medical Device, Telecom and Aerospace companies nationwide. Protingent exists to make a positive impact and contribution to the lives of others as well as our community by providing relevant, rewarding and exciting work opportunities for our candidates.