Information Systems Security Engineer (ISSE) (TEMPEST), TS/SCI

About The Position

Requirements

• 7+ years' technical experience in cybersecurity, information technology, or systems engineering
• Must have experience working with Special Access Programs (SAPs)
• Strong proficiency fault tolerance, and Reliability, Maintainability, Availability (RMA) subject matter.
• Must possess excellent analytical skills and be capable of quantifying risk to enterprise systems and level of compliance with security policy
• Excellent communication skills (verbal and written) required
• Advanced knowledge in one or more of the following areas: Java, Python, Ruby and/or C++ Linux Expertise (RedHat/RHEL or CentOS preferred) Dynamic & Static Application Security Scanning (e.g., Arachni, OWASP ZAP, BurpSuite, Fortify, Checkmarx, etc.) Virtualization and containers (EC2, Docker) Infrastructure Security Scanning, Vulnerability Scanning (Twistlock, ACAS/Nessus)
• Certification Requirements in one or more of the following: Certified Information Systems Security Professional (CISSP). Certified Cloud Security Professional (CCSP). Information Systems Security Engineering Professional (ISSEP) DOD Information Technology Security Certification and Accreditation Process (DITSCAP) DOD Information Assurance Certification and Accreditation Process (DIACAP)
• Current/active Top Secret/SCI; Current or recent DoD SAP access
• Subject to a Counterintelligence (CI) polygraph

Nice To Haves

• Master’s degree

Responsibilities

• Managing all aspects of an organization's information security system
• Researching, testing, training, and implementing programs designed to safeguard sensitive information from possible compromise
• Work with System Engineering teams to incorporate cyber resiliency objectives, techniques, and design principles into all system engineering and development efforts throughout the systems development life cycle (SDLC)
• Develop and maintain documentation and diagrams for security tools, system environments, and cloud operations
• Perform requirements analysis, design, and integration for complex software applications and collaboration infrastructures
• Participate in the change management process, including reviewing Change Requests and assisting in the assessment of security impact of proposed changes
• Write implementation and design documents describing how security features are implemented
• Create and maintain information system security documentation, Standard Operating Procedures (SOP), and provide guidance on active Plans of Action and Milestones (POA&M)
• Conduct periodic and continuous monitoring of the system, procedures, and documentation to ensure compliance with the authorization package