Information System Security Engineer (ISSE)

About The Position

Requirements

• DoD 8570 IAT Level II certification or higher (ex: Sec+, CISSP, CASP, etc.)
• 5 years of implementing NIST 800-53, Rev 4 and the Risk Management Framework (RMF)
• 5 years of experience with Windows and/or Linux environments
• 3 years of experience with virtualization or cloud environments (AWS preferred)
• 2 years of using information security and assurance practices and principles
• Experience with ACAS/Nessus for scanning & SIEM/Splunk to configure
• Must have an active TS/SCI level clearance

Nice To Haves

• Incident handling procedures
• Experience with Terraform & Ansible
• Other Security related certification: (Cloud, SIEM, forensics, Linux, Windows, etc)
• Experience working in a DevSecOps project environment
• Formerly or currently a system administrator, developer, or engineer
• Experience with MS Active Directory, McAfee, Windows, Linux, AWS Security, etc.
• Strong verbal and written communication skills
• Able to engage with users in a professional manner and present technical concepts plainly to semi-technical customers with seasoned Government personnel
• Ability to work in a matrixed team environment and support multiple different efforts as needed
• Desire to learn new technologies and tools and willing to share your experience with the team
• JSIG or ICD 503 compliance

Responsibilities

• Review new and existing systems for technical compliance with IA directives and protection of data at all classification levels including SCI
• Advise on in-depth security design review and threat/risk assessments
• Provide inputs to technical artifacts, including Plans of Action and Milestones (POA&Ms), Security Control Traceability Matrices (SCTM), and Risk Assessment Reports (RARs)
• Conduct site visits and assessments to inspect IA plans and security control implementations
• Support Incident Response Team (IRT) activities

Benefits

• Hands-on experience
• Certifications
• Industry training