Information System Security Engineer

About The Position

Requirements

• 10+ years of experience in an ISSE, ISSO, or IT role
• Experience with HBSS or Trellix
• Experience with Active Directory and Group Policy
• Experience with Security Technical Implementation Guide (STIG)
• Experience with Vulnerability Management, such as ACAS, Nessus, NexPose, or OpenVAS
• Experience with administering, maintaining, implementing upgrades, and ensuring the readiness of several classified virtual enterprise systems and corresponding technologies, such as Enterprise Linux, Cisco Systems, Juniper, Switch, Router, NGFW, Red Hat, Palo Alto, Windows Server, or Windows Workstation
• Knowledge of Information Assurance (IA) concepts, practices, and procedures using established DoD security policies and standards to mitigate RMF security risks, and how system engineers and administrators perform system hardening utilizing STIGs
• TS/SCI clearance
• Bachelor’s degree
• DoD 8140 baseline Level II Certification, such as Security+, CySA+, or CISSP

Nice To Haves

• Experience with ICAM principles and technologies, such as multi-factor authentication and privileged access management
• Experience with DoD architecture, strategic planning, concept of operations, performance attributes, system architecture and design, evolving methodologies, and statutory or regulatory requirement
• Experience with Security Information and Event Management (SIEM) systems, such as Splunk, Elastic, Logstash, or Kibana
• Experience with data broker technologies, such as Cribl or Confluent, operating systems security events, such as Windows or Linux, and networking protocols, such as TCP/IP, DNS, DHCP, or HTTP/HTTPS
• Experience with cybersecurity tools and technologies, such as IDS/IPS, firewalls, host-based security, or Identity and Access Management (IDAM), and DevSecOps tools and practices, such as CI/CD pipelines, such as GitLab CI/CD, or Azure DevOps
• Knowledge of Zero Trust principles and frameworks, such as NIST 800-207
• TS/SCI clearance with a polygraph
• Master's degree in Cybersecurity, Computer Science, Information Technology, or a related technical field
• Offensive Security Certified Professional (OSCP), GIAC Certified Incident Handler (GCIH), or GIAC Vulnerability Assessment Professional (GVAP) Certification

Responsibilities

• Implement and manage policies and procedures to ensure database and software security.
• Apply leading-edge principles, theories, and concepts and contribute to the development of new principles and concepts.
• Work on unusually complex problems and provide highly innovative solutions.
• Operate with substantial latitude for unreviewed action or decision.
• Mentor or supervise employees in both company and technical competencies.
• Administering, maintaining, implementing upgrades, and ensuring the readiness of several classified virtual enterprise systems and corresponding technologies

Benefits

• health
• life
• disability
• financial
• retirement benefits
• paid leave
• professional development
• tuition assistance
• work-life programs
• dependent care
• recognition awards program