Company Overview

At Jensen Hughes, we lead with our Purpose + Principles and value our people. Across our global partnership of experts, clients, and communities, we are recognized worldwide for our leadership in fire protection engineering, a legacy of responsibility we have advanced with pride since 1939. Today, our expertise extends broadly across closely related risk management fields — from accessibility consulting, risk and hazard analysis, process safety and forensic investigations to security risk consulting, emergency management and digital innovation. As we champion best practices, set industry standards and support communities with innovative solutions, we are making the world a better place.

We believe that creating and sustaining a culture of trust, integrity and professional growth fundamentally includes a sustained commitment to Diversity, Equity, and Inclusion.

At Jensen Hughes, diversity is ingrained in our culture -- we accept people for who they are, regardless of age, disability, gender identity, gender expression, marital status, mental health, race, faith or belief, sexual orientation, or socioeconomic background. Our differences and uniqueness are celebrated and reflected in our wide range of Global Employee Networks.

Job Overview

Jensen Hughes has an exciting opportunity for a Senior Information Security Engineer to report to the Director of Information Security and become part of our 1,500+ employees who work together to advance the science of safety every day. This newly created position is an excellent career opportunity for an experienced candidate. The position is remote and can be located anywhere in the US.

Responsibilities

The candidate will be working on a variety of Information Security projects to bring Jensen Hughes into compliance with NIST requirements, including but not limited to 800-171 and 800-53. Strong understanding of how to apply security regulations, specifically, NIST SP 800-171, in a diverse and complex environment is a must.

Requirements and Qualifications

• BS Degree (or equivalent experience) in an Information Technology, Information Security or Computer Science field and/or at least 10 years’ information security experience.

• Knowledge and understanding of the following frameworks: NIST 800-53, NIST 800-171, and ISO 27001.

• Demonstrated experience with the following:

• Privileged account management.

• At least 2 years’ experience building baselines aligned to DoD STIGS.

• Experience with Virtual Desktop Infrastructure management from a security perspective.

• Application of DFARS regulations in a hybrid networking environment.

• Extensive experience configuring and managing Data Loss Prevention (DLP) tools.

• Knowledge of Plan of Action and Milestones (POA&Ms) and System Security Plan (SSP) processes.

• Prior penetration testing or application security experience is preferred.

• Ability to write and revise Information Security documentation (policies, procedures, and standards).

• A CISSP certification.

• US Citizenship or permanent residency is required.

#LI-KV1

#LI-Remote

Jensen Hughes is an Equal Opportunity Employer. Qualified candidates will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.

The security of your personal data is important to us. Jensen Hughes has implemented reasonable physical, technical, and administrative security standards to protect personal data from loss, misuse, alteration, or destruction. We protect your personal data against unauthorized access, use, or disclosure, using security technologies and procedures, such as encryption and limited access. Only authorized individuals may access your personal data for the purpose for which it was collected, and these individuals receive training about the importance of protecting personal data. Jensen Hughes is committed to compliance with all relevant data privacy laws in all areas where we do business, including, but not limited to, the GDPR and the CCPA. Additionally, our service providers are contractually bound to maintain the confidentiality of personal data and may not use the information for any unauthorized purpose.

*Policy on use of 3rd party recruiting agency for direct placements

Jensen Hughes will occasionally augment a recruiting search through agencies for certain positions when business conditions warrant. Jensen Hughes will not accept resumes, inquiries or proposals from recruiting agencies as an acceptable method to consider a candidate. 3rd party recruiting agencies must sign a standard Jensen Hughes agreement after being evaluated and accepted by a Human Resources or Talent Acquisition manager, or member of the talent acquisition team. Hiring managers and employees of Jensen Hughes are not authorized to accept resumes, engage in fee-based searches through recruiting firms or sign a search agreement. Please note this policy does not apply to “staffing firms” or firms that are involved with hiring temporary staff. Any recruiting agency interested in being considered may contact our recruiting team at jensenhughesrecruiting.com.