Information System Security Engineer (ISSE)

Dark Wolf Solutions•Ogden, UT

6d•$120,000 - $140,000•Onsite

About The Position

Dark Wolf Solutions is seeking an Information Systems Security Engineer (ISSE). The ISSE will work as part of a team reviewing and assessing Risk Management Framework (RMF) authorization body of evidence for classified information systems, to include: System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Continuous Monitoring Plan, Incident Response Plan, Access Control Plan, Security Assessment Plan, etc. Review new and existing systems for technical compliance with IA directives and protection of data at all classification levels including SCI. Advise on in-depth security design review and threat/risk assessments. Provide inputs to technical artifacts, including Plans of Action and Milestones (POA&Ms), Security Control Traceability Matrices (SCTM), and Risk Assessment Reports (RARs). Conduct site visits and assessments to inspect IA plans and security control implementations and support Incident Response Team (IRT) activities. Conduct technical evaluation of information systems design, and information security aspects and accreditation. Perform vulnerability assessments using Nessus Security Scanner, Web Inspect and App Detective. Review requests for software installation and conduct technical risk assessments on software implementation. Coordinate and track security action requests and report status to senior managers. Assist customer staff in resolving operational security issues involving vendors who support the program. Analyze, modify when necessary and maintain the Program’s operational security posture. Conduct and analyze auditing requirements weekly.

Requirements

5+ years of experience in IT security and/or information assurance
Working knowledge of Intelligence Community Information Assurance policies and regulations and how they relate to the certification and accreditation process
Experience authoring and maintaining systems security documentation
Experience in generating appropriate security documentation to receive proper accreditation from customer security personnel, and correcting security shortfalls as they are identified through customer sponsored reviews
Knowledge of threat Understanding of cyber environment and threats of our cyber adversaries
Familiar with how to architect and implement the systems developments form a security perspective
Possesses strong technical skills and analytic ability
Posseses at least one of the following: cyber security certifications: Security+ CE, SSCP, CAP, CISM, CASP, CISSP, GSEC, GICSP, GSLC, CEH, CDNA, CSSLP
Bachelor’s Degree
US Citizenship and active TS/SCI clearance

Nice To Haves

Previous experience as an ISSE/ISSM.

Responsibilities

Reviewing and assessing Risk Management Framework (RMF) authorization body of evidence for classified information systems
Review new and existing systems for technical compliance with IA directives and protection of data at all classification levels including SCI
Advise on in-depth security design review and threat/risk assessments
Provide inputs to technical artifacts, including Plans of Action and Milestones (POA&Ms), Security Control Traceability Matrices (SCTM), and Risk Assessment Reports (RARs)
Conduct site visits and assessments to inspect IA plans and security control implementations and support Incident Response Team (IRT) activities
Conduct technical evaluation of information systems design, and information security aspects and accreditation
Perform vulnerability assessments using Nessus Security Scanner, Web Inspect and App Detective
Review requests for software installation and conduct technical risk assessments on software implementation
Coordinate and track security action requests and report status to senior managers
Assist customer staff in resolving operational security issues involving vendors who support the program
Analyze, modify when necessary and maintain the Program’s operational security posture
Conduct and analyze auditing requirements weekly