Information System Security Engineer

About The Position

Requirements

• Have a current Top Secret Clearance with SCI eligibility
• Current Counter Intelligence (CI) Polygraph or consent to undergoing a Government CI Polygraph
• Must be a U.S. Citizen.
• Successfully pass a background check
• BS degree in Computer Science, Information Technology, Computer Information Systems, or related discipline is required.
• Technical experience and skills, course work completed toward a degree, and industry IT certifications may be considered substitutes for education and DoD security experience.
• Active knowledge of DISA Policy STIGs, and NIST RMF is required
• Technical skills in securing multiple traditional and virtual systems including Windows Server 2016 and 2019, Windows 11, Red Hat Enterprise Linux, Ubuntu, Mac, etc.
• Experience developing and integrating Data Loss Prevention strategies utilizing Endpoint Security solutions
• Demonstrated capabilities in presenting ideas written and orally within a cross-functional environment required

Nice To Haves

• A minimum of 6 years of IT security experience in DoD Industrial Security is required, leadership skills relevant to this experience
• Possess a DoD 8570.01-M IASAE Level II baseline certification or ability to obtain one with 6 months of employment, ISC2 CISSP
• Experience and skill developing and integrating various sized network environments, to include various network infrastructure products such as routers and switches is desired
• Prior experience working in a collaborative team environment
• Prior experience working with Special Access Programs government networks

Responsibilities

• Assist in the security design and configuration of classified systems and networks in a variety of traditional and virtual environments including Linux, Mac, and Windows.
• Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
• Integrate, test, and configure Free and Open Software (FOSS), Commercial-off-the-Shelf (COTS), Government-off-the-Shelf (GOTS), and custom software.
• Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels or transfer of information through Cross Domain Solutions (CDS).
• Provide security direction to design and development teams, monitor progress and productivity through planning and the use of metrics.
• Assist in developing System Security Plans (SSPs) and associated artifacts such as network diagrams, architectural plans, operating system baselines, and standardized configurations.
• Provide input and direction within DevSecOps programs from application security testing toolset selection (SAST, DAST, dependency analysis) to application security assessments.
• Apply Protected Distribution System (PDS) requirements and TEMPEST concepts to existing and planned infrastructure.
• Analyze network, system, and application vulnerability scanning, configuration assessment, and remediation for improvements to strategies.
• Act as Laboratory information security representative to multiple DOD Agencies.
• Lead efforts to prepare for technical parts of periodic organization compliance assessments.
• Perform information security policy gap analysis and formulate corrective actions.
• Assist ISSM team as needed with compliance audits, system authorization, sanitization, and incident response.
• Assist Information Security Management in performing oversight of information security operations for Collateral systems.

Benefits

• Comprehensive health, dental, and vision plans
• MIT-funded pension
• Matching 401K
• Paid leave (including vacation, sick, parental, military, etc.)
• Tuition reimbursement and continuing education programs
• Mentorship programs
• A range of work-life balance options