CIS Security Engineer

Do you know askblue?

We were born in 2013, and we provide services in the field of information technology.

We are looking for an CIS Security Engineer to join our company in one of our projects.

Duties & Responsibilities

• Support the definition, design, procurement/development, and implementation of secure Communications and Information Systems (CIS).
• Ensure compliance with CIS security accreditation policies and maintain appropriate security risk levels.
• Conduct and document security risk assessments and policy compliance to support system accreditation.
• Collaborate with the CTO’s CIS Planning and Implementation Authority (CISPIA) to deliver secure CIS solutions aligned with organizational guidance.
• Integrate cybersecurity measures throughout the full system lifecycle (from design to operation).
• Represent the organization in CIS security governance forums and stakeholder engagements.
• Develop and manage required security accreditation documentation, including:
  • CIS Description
  • Security Accreditation Plan (SAP)
  • Security Risk Assessment (SRA)
  • Security Requirement Statements (SRSt)
  • Security Operating Procedures (SecOPs)
  • Security Test & Verification Plan (STVP)
  • Security Test & Verification Report (STVR)

Requirements

• Bachelor’s degree in a relevant field + minimum 4 years of related experience,
  OR
• No degree, but at least 8 years of extensive, progressive relevant experience.

• Strong understanding of cybersecurity domains, including:
  • Boundary protection
  • Encryption
  • Identity & access management
  • Monitoring & detection
  • Incident response
  • Vulnerability assessment
  • Risk management
• In-depth knowledge of:
  • CIS security principles
  • Networking
  • Vulnerabilities in modern operating systems and application

Professional Experience

• At least 4 years of experience in:
  • Cybersecurity principles, technologies, and best practices
  • CIS security controls (traditional and cloud environments)
  • Designing, implementing, testing, and validating security components
  • Conducting security risk assessments and supporting accreditation processes
  • Identifying threats, vulnerabilities, and residual risks with mitigation recommendations
  • Supporting security accreditation in large-scale CIS projects
  • Using risk assessment methodologies and tools

Additional Skills

• Experience in:
  • Writing and enforcing security policies and procedures
  • Compliance audits (e.g., ISO 27001, NIST 800-53, GDPR)
  • Governance, Risk, and Compliance (GRC)
• Strong communication and technical writing skills

Certifications (Desirable)

• Certifications such as:
  • CISA (Certified Information Systems Auditor)
  • CISSP (Certified Information Systems Security Professional)

Work Arrangement:

• Hibrido

Offer:

• Health Insurance;
• 3 and a half days of leave per year + 22 vacation days;
• Unlimited access to Udemy.

If you are interested in the opportunity, upload your C.V. or send it to angela.rei@askblue.com with the reference # 16801383 in the subject.

askblue - Where Business meets Technology