Cyber Security Engineer-Information Systems Security Engineer (ISSE) - Senior Principal

About The Position

Requirements

• 18+ years' technical experience in cybersecurity, information technology with focus on cybersecurity implementations.
• Demonstrated ability to understand cybersecurity needs of systems at varied stages of the SDLC.
• Firm understanding of the DoD 8500.1-M, DoDM 5205.07, Volume 1, Joint SAP Implementation Guide (JSIG), National Institute of Standards and Technology (NIST) Special Publication 800-53, Intelligence Community Directive (ICD) Number 503.
• Excellent oral and written communication skills and ability to clearly translate client technical needs into technical specifications.
• Demonstrated ability to complete tasks, drive projects to closure, assimilate and correlate project information in a fast-paced environment.
• Demonstrated ability to assess and articulate risk, including to non-technical audiences.
• Experience working on DISA Security Technical Implementation Guide (STIG) implementation.
• Experience working on-site in a government client environment.
• Familiarity with security procedures while working in a SCIF/SAPF environment.
• Familiarity and experience with NSA requirements for COMSEC.
• Experience with DoD Acquisition Lifecycle experience and/or Rapid Acquisition / Rapid Delivery experience
• Capable of applying system security engineering expertise to various client programs/processes (e.g., system security design process, engineering life cycle, information domain and cross domain solutions, identification/authentication/authorization of commercial off-the-shelf and government off-the-shelf software employment, system integration, risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, continuous monitoring, auditing, assessment and authorization, confidentiality, integrity, and availability.
• Bachelor's degree in engineering, computer science, cybersecurity, networking, or programming.
• Certified Information Systems Security Professional (CISSP or (CISSP-ISSEP/CISSP-ISSAP)
• Certified Cloud Security Professional (CCSP).
• AWS Architect or other similar cloud technology security certification
• Security Clearance Level Required: Must possess an active Top Secret security clearance, current within five (5) years, based upon a T5 or T5R investigation (formerly known as Single Scope Background Investigation (SSBI) or SSBI Periodic Review (SBPR).
• Please Note: U.S. Citizenship is required.

Nice To Haves

• Master's degree in engineering, computer science, cybersecurity, networking, or programming, (Highly Desired).

Responsibilities

• Serve as the Information Systems Security Officer (ISSE) providing technical input, recommendations, and assistance with the implementation of both higher and granular-level cyber security approaches, methods and solutions that incorporate and maintain compliance to requirements resulting from laws, regulations, and other pertinent guidance.
• Participate in acquisition meetings (PMR, PDR, CDR, etc.), concept of operation (CONOP) working groups, change boards, technical exchange meetings and other similar activities.
• Design and develop security requirements that drive down risk while maintaining operational capability.
• Work between architecture-level and implementation-level engineering meetings to maintain a system-wide view of security functions and apply risk mitigation strategies at the appropriate level.
• Guide and verify defense contractors' work against program requirements and goals.
• Interface with program managers to explain security requirements, risks and mitigations relative to their priorities of cost and schedule to ensure an acceptable risk tolerance.
• Evaluate newly identified threats and vulnerabilities to customer information systems to ascertain the need for additional safeguards and develop timely implementation strategies to reduce risk.
• Enforce the design and implementation of trusted relationships among external systems and architectures.
• Assess proposed changes to customer information systems, their operation environment, and mission needs for impacts to cybersecurity architectures and continued compliance with cybersecurity requirements.
• Provide inputs to development teams responsible for designing and developing organizational information systems and upgrading legacy systems.
• Employ best practices when implementing security requirements for information systems including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques.
• Keep abreast of current and new security technologies and threats to better support the customer in maintaining cybersecurity resilience.
• Identify integration issues related to the implementation of new systems within the existing infrastructure; recommend mitigation and/or resolution options as appropriate.
• Assist in the design of systems and networks that encompass multiple enclaves to include those with differing data protection/classification requirements.