SENIOR IT SECURITY ENGINEER

Founded in 2017 and headquartered in Manassas, Virginia, Toomey Technologies is a SBA certified HUBZone, and Woman Owned Small Business experienced in Program Management and Solution Implementation support services. We are a proven small business with an established track record and reputation supporting critical initiatives across a wide range of federal clients.  We develop and execute strategies to maximize mission success and apply in-depth industry knowledge, analytics expertise, and strategic acumen to design the right solution. Once the strategy is in place, we help communicate the changes and promote adoption among stakeholders.

Serve as a Cybersecurity Subject Matter Expert (SME) supporting agency personnel with FPCS assessments.

• Provide cybersecurity support and documentation to obtain favorable assessments and for continuous monitoring of systems throughout their lifecycle.
• Fully versed in the general tenets supporting the overall implementation of its authorization process, to include supporting cybersecurity policy, procedures and processes.
• Support cybersecurity process by serving as a SME for the FPCS undergoing authorization.
• Design, develop, implement cybersecurity into the system and deliver cybersecurity assessment documentation and other related documentation.
• Possess an understanding of how the security controls identified in the NIST 800-53 apply to the process of assessing and authorizing FPCS.
• Determine the applicable severity value for an identified vulnerability (e.g., non-compliant security control), and determine the possible ramifications on the system’s current or future authorization.
• Perform key functions related to security control selection, implementing controls, documenting controls, and closely collaborate with personnel on complex system details. This includes monitoring and controlling communications at key internal boundaries among subsystems and providing system-wide common controls that meet or exceed the requirements of the constituent subsystems inheriting those system-wide common controls.
• Development, integration, and testing to deliver and deploy production-ready systems that meets business requirements and project schedule.
• Work closely with product management to translate business requirements into technical solutions, architecture design, level of effort and project schedule.
• Design architecture and establish best practices that produce efficient and elegant system operations while reducing refactoring and rework.
• Provide support with the STIGs process and develops and submit cybersecurity documentation
• Responsible for the implementation, including meeting all required STIG compliance; keeping the FPCS systems/applications in compliance with required STIGs; and supporting reviews associated with STIGs, cyber assessments, and continuous monitoring activities.

• Active Secret Clearance
• Bachelor's degree in Computer Science, Information Technology, or a related field
• 10 years of experience may be considered in lieu of degree. 
• Relevant certifications such as CISSP, CEH, or CISM
• Five (5) years of relevant Certification and Accreditation (C&A) experience; RMF and NIST C&A experience
• In-depth knowledge of cybersecurity best practices, encryption technologies, and risk management
• Experienced with compliance standards
• Strong analytical and problem-solving skills with attention to detail
• Excellent communication abilities and experience working in cross-functional teams
• Experience in government or defense-related environments is a plus

Only qualified candidates will be contacted.  Be sure to keep an eye on your spam or junk folders in case our emails end up in there!  Please, no phone calls directly to our business, CEO, hiring managers, or recruiters. Due to the high volume of applicants, we typically receive for our career openings, we are not able to do phone interviews until later stages of the hiring process.

Toomey Technologies is an equal opportunity employer.