back Back to Jobs

Cyber Security Certification Engineer

Location: Seattle, WA, United States
Job # 9408623
Located in the Seattle area, we are searching for a Cyber Security Certification Engineer.  In this role you will center around the overseeing responsibility for reviewing, testing, and reporting on the implementation of cyber security controls for products and system.  The ideal candidate will have a background in security risk management and quantification experience.  This role will take the lead for participation in audits of Security Development Life Cycle (SDLC) and conduct security control assessments in accordance with cyber security standards or frameworks including development of security assessment plans and assessment.
 
Responsibilities:
 
  • Empower results for our clients by introducing innovative and effective risk management and security solutions
  • Provide support to projects during the development phases
  • Operate as a technical subject matter expert and mentor cross functional teams regarding integration with multiple cyber security technologies
  • Lead and participate in audits of Security Development Lifecycle including development of security assessment plans and assessment
  • Perform mentoring duties to more junior staff, i.e. Lab Tech’s, Certifier Levels I, II & III reviewing evaluations, findings letters, client communication (where appropriate) and acceptance of project work as a mentor
  • Run and complete the vulnerability and CRT tests with the end result of providing the client with a report and which includes the audit results 
  • Ensure completion of projects within established deadlines to meet or exceed client expectations.
  • Determine applicable requirements/test/Standard, sample requirements and method/location for testing and evaluation to best suit the client’s needs
  • Evaluate product design/construction, formulates test plans and analyzes test data to determine compliance with applicable and other national or international Standards, frameworks and requirements
  • Interface with clients, Certification staff from other certification groups, and other team members, including lab personnel, on any Certification related activities
  • Prepare work orders for the test program for the lab. Work in collaboration with fully qualified Certifier or mentor to determine applicable tests, and collaborates with lab personnel
 
Skills and Experience:
  • Bachelor’s Degree in Electrical Engineering, Computer Engineering, Computer Science or Equivalent science or engineering degree with minimum 8 years of work experience;
  • Proven experience and/or proficiency in the following:
    • Minimum of 4 years of detailed system level product development involvement for IACS or minimum of 4 years of systems integration experience for IACS OR Min 6 years system level product Test of IACS; this experience level includes 2 years with software security-related responsibilities and 2 years involvement with networking technologies
    • Minimum 1 year of experience performing software process audit OR 2 years in position in which software process has been audited on 3 or more products
    • Hands on work experience with:
      • Performing compliance and risk assessment audit
      • Internal and external auditors
      • At least one of regulatory standards or frameworks, such as: NIST SP 800-53, NIST Cybersecurity Framework, IEC 62443, UL 2900, FISMA, SOX, HIPAA / HITRUST, ISO 27001, Common Criteria, COSO, COBIT, CLASP, DO-178B, IEC 61508, ISO/IEC 15408-3, Microsoft Security Development Lifecycle
  • Professional certification CISA, CISSP, GICSP or equivalent
  • Experienced knowledge level of at least two different IACS AND General knowledge of application of IACS and roles and duties of employees at sites using IACS AND Moderate level knowledge of networking and communication protocols AND Able to independently read and interpret requirement specifications for IACS products AND Able to independently read and understand user installation and configuration documents for IACS products AND Knowledge of methods used to protect communications and detect / prevent communication attacks
  • Strong interpersonal skills and proven track record in establishing and sustaining close working relationships with functional teams and subject matter experts as well as IT technical, development, and support personnel
  • Understanding and working knowledge of information security data and processes
  • Highly motivated, self-starting individual, and able to multi-task and manage to timelines
this job portal is powered by CATS