Information Security Engineer

Goldbelt
Full-time
On-site
Virginia, United States

Overview

Goldbelt Incorporated is an Alaska Native Corporation (ANC) headquartered in Juneau, Alaska, whose mission is to make a significant and positive difference in the lives of more than 4,200 Alaska Native shareholders. Alaska Native Corporations hold a distinct purpose and share a familiar creation story born in an act of Congress in 1971. 
 
Join a fast-growing “forever” company that manages over 30 subsidiaries and provides centers of excellence in a shared service center model based out of Herndon, Virginia. 
 
At Goldbelt, we place a strong emphasis on recognizing and rewarding the dedication and hard work of our team members in pursuit of our company's mission. We are a team focused on gold standard customer service and professional growth, with competitive benefits and profit-sharing plans, and we help support a business model that gives back to the community of shareholders.

 

Summary:

Goldbelt Inc. is seeking a highly skilled and motivated Information Security Engineer to join our IT Security team. The successful candidate will play a critical role in safeguarding our organization’s information assets, designing robust security systems, and ensuring compliance with industry best practices and regulations. This role involves a mix of strategic planning, hands-on implementation, and ongoing management of security measures to protect our data and infrastructure.

 

This is a remote position that requires working in the Herndon, VA office two days per week.

Qualifications

Necessary Skills and Knowledge:

  • Strong understanding of security controls, specifically NIST
  • Documentation and generation of compliance artifacts
  • Implementation of Identity Management and Conditional Access Policies
  • Design and implementation of SIEM, preferably Microsoft Sentinel
  • Strong understanding of Cyber Attack methods and preventative measures
  • In-depth knowledge of mail flow (Exchange)
  • Penetration testing of applications and infrastructure
  • Understanding Business Challenges and the impact of implementing security policies
  • Ability to embrace change, learn quickly, and thrive in a dynamic corporate environment
  • Skill in working harmoniously within cross-functional teams to achieve common objectives
  • Ability to prioritize tasks, manage multiple projects, and meet deadlines
  • Possesses attention to detail and effective problem-solving skills
  • Must have the ability to communicate effectively and diplomatically, both verbally and in writing, with co-workers and with outside agencies, partners, shareholders, and business associates
  • Strong cultural awareness and sensitivity, with the ability to adapt messages and strategies for diverse audiences
  • Basic understanding of relevant software, tools, and systems used in the corporate environment. This includes a proficiency in standard software applications, including Windows and MS Office Suite (Outlook, Word, PowerPoint, and Excel)

Minimum Qualifications:

  • Bachelor's degree in computer science, cyber security, or a related discipline, or equivalent experience
  • Certified Information Systems Security Professional (CISSP)
  • Certified CMMC Registered Practitioner (RP)
  • Minimum 4 – 5 years of experience in information security engineering or a related role
  • Experience with security frameworks and standards
  • Ability to travel up to 25%
  • Ability to successfully pass a background check

Preferred Qualifications:

  • Certified CMMC Professional (CCP)
  • Certified CMMC Assessor (CCA)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)
  • Certified Ethical Hacker (CEH)
  • Previous experience working with Alaska Native Corporations (ANCs) and/or previous exposure to Alaska Native cultures
  • Previous government contracting experience

 

Pay and Benefits

At Goldbelt, we value and reward our team's dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. Our annual incentive compensation plan is designed to reward your contributions to Goldbelt's success. It's a profit-sharing initiative tied to our strategic objectives, demonstrating that your efforts directly impact our achievements. As an employee, you'll also enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan with company matching, tax-deferred savings options, supplementary benefits, paid time off, and professional development opportunities.

Responsibilities

Essential Job Functions:

  • Design, implement, and maintain security systems, including firewalls, intrusion detection/prevention systems, and endpoint protection
  • Develop and deploy network security measures such as VPNs, encryption, and secure access solutions
  • Conduct regular vulnerability assessments and penetration testing to identify security risks
  • Develop and implement strategies to mitigate identified vulnerabilities and ensure timely patch management
  • Assist in investigations and response to security incidents, including forensic analysis, reporting, and remediation efforts
  • Assist in developing and maintaining incident response plans and procedures
  • Assist in ensuring compliance with relevant laws, regulations, and standards (NIST, GDPR, HIPAA, PCI-DSS)
  • Conduct regular risk assessments and audits to evaluate the effectiveness of security measures
  • Develop and maintain comprehensive System Security Plans (SSPs) and Plan of Action & Milestones (POA&M) to track and address security vulnerabilities and compliance issues
  • Develop, implement, and enforce applicable security frameworks and standards, including NIST 800-171, ISO/IEC 20000/27001, and CMMC security controls
  • Participate in the development and review of information system security policy and standards
  • Support the development and maintenance of system asset lists, hardware, and software baselines
  • Provide detailed security-related reports including data, analyses, and conclusions upon completion of tests, scans, and assessments
  • Verify and document the implementation of security controls necessary to achieve compliance
  • Keep management apprised of impending areas of concern, verbally and in writing
  • Assist in maintaining and maturing existing information security and risk policies
  • Initiate and lead ongoing information security maturity assessment processes and training
  • Identify and report on key performance indicators for implemented security measures
  • Maintain knowledge of the threat landscape by monitoring threat intelligence sources
  • Develop, implement, and enforce security policies, procedures, and protocols
  • Provide training and awareness programs to educate staff on security best practices and protocols
  • Review logs of network traffic and system activity for signs of potential security breaches
  • Analyze security logs and reports to identify trends, anomalies, and areas for improvement
  • Work closely with IT operations to integrate security into system and software development processes
  • Communicate security issues and recommendations to stakeholders, including Executives, IT staff, and end-users