FirstBank Jobs

Your Impact:

The team is seeking a highly skilled and experienced Principal Information System Security Engineer to join our team. The successful candidate will bring extensive knowledge and hands-on experience in cybersecurity engineering, risk management frameworks, and secure software development lifecycle management. This role involves leading and managing accreditation efforts, conducting risk assessments, and collaborating with cross-functional teams to ensure the highest standards of information security across our applications and systems.

#DVS

• Responsibilities: - Oversee cybersecurity measures for applications within an agile software environment. - Manage the assessment and authorization (A&A) efforts for accrediting and reaccrediting system authorizations. - Utilize common control provider (CCP) knowledge to secure authorization for applications on new platforms. - Work closely with stakeholders to ensure seamless decommissioning and accreditation of replacement systems with no downtime. - Conduct technical exchange meetings (TEMs) and liaise with key departments to facilitate A&A efforts. - Track and manage Plan of Action and Milestones (POAMs) across all systems, ensuring completion and recommending remediation steps. - Conduct system self-scans to support initial, update, and reaccreditation efforts. - Perform technical planning, system integration, verification and validation, and risk assessments. - Create Basis of Estimate (BOE) documentation and other critical artifacts for system A&A efforts. - Develop and document security evaluation test plans and procedures. - Provide documentation and recommendations for security best practices and risk management framework (RMF) accreditation. - Drive application security and secure software development lifecycles, including containerization security as per NIST SP 800-190. - Conduct hands-on security testing, analyze test results, and recommend countermeasures. - Provide guidance on cloud computing services, deployment architecture, and network management tools. - Review project requirements and assist in the development and tracking of project tasks and client deliverables. - Communicate with clients on project-specific activities and manage project-related deliverables. - Facilitate process working groups to analyze existing processes and create new business strategies. Here’s What You’ll Need: - TSSCI w/ Poly- Bachelor's Degree in Security and Intelligence, or a related field.- Security CE, AWS Advanced Architect, and Splunk Fundamentals 1 and 2 certifications.- Extensive experience in information system security engineering, risk assessment, and vulnerability management.- Strong understanding of cloud computing services, secure software development lifecycles, and containerization security.- Proficient in creating and maintaining security documentation and Standard Operating Procedures (SOPs).- Demonstrated experience in leading technical exchange meetings, managing project deliverables, and ensuring compliance with security standards and policies. #DVS

Jacobs is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, religion, creed, color, national origin, ancestry, sex (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, medical condition, marital or domestic partner status, sexual orientation, gender, gender identity, gender expression and transgender status, mental disability or physical disability, genetic information, military or veteran status, citizenship, low-income status or any other status or characteristic protected by applicable law. Learn more about your rights under Federal EEO laws and supplemental language.