Information Systems Security Engineer (ISSE) (Onsite)

About The Position

Requirements

• U.S. citizenship is required, as only U.S. citizens are authorized to access information under this program/contract
• Active Secret-level U.S. government security clearance
• Ability to obtain a Top Secret-level clearance
• Ability to obtain access to Special Access Programs
• Advanced degree and 3+ years of combined hands-on experience in systems administration/engineering and/or cybersecurity support role for a combination of servers, desktop computers, operating systems, and virtual computing, preferably of information systems supporting classified programs or activities; OR Bachelor’s degree and 5+ years of relevant industry experience; OR Associate’s degree and 7+ years of relevant industry experience.
• 2+ years hands-on experience in an ISSO, ISSM and/or ISSE role or equivalent.
• Certifications equivalent to or exceeding DoD 8140 functional and baseline certification requirements such as Security+.

Nice To Haves

• Expert-level experience administering and maintaining Splunk Enterprise deployments across enterprise networks; including experience developing custom ingestion pipelines, data visualizations, and leveraging scripts to create custom data inputs.
• Experience leveraging vulnerability scanning solutions like Tenable/Nessus, OpenVAS, ACAS to identify and remediate information system vulnerabilities.
• Strong experience leveraging scripting languages such as (but not limited to) bash, Python, and PowerShell to automate process workflows.
• Experience leveraging DoW / Industry tools to implement hardening standards to various information systems and applications (E-STIG, STIG Manager, SCC.)
• Knowledge of automation/orchestration tools like Ansible.
• Experience performing network traffic analysis using tools like Wireshark to understand communication flows and to identify vulnerabilities.
• Strong understanding of common vulnerabilities (e.g., buffer overflows, SQL injections) and how exploits are developed.
• Strong history of architecting technical solutions to enhance the overall security posture of an organization.
• Knowledgeable in MITRE ATT&CK framework and how threat actors leverage TTPs to exploit information systems, applications, and networks.
• Proficiency in programming languages like Python, C/C++, Java.
• Ability to develop, document and interpret network and wiring diagrams; system, subsystem and device security architectures down to the board level; and data flow diagrams.
• Hold active certifications in the following areas: Splunk (Core Certified Power User, Enterprise Certified Admin, Enterprise Certified Architect) Tenable Security Center GIAC certifications (GSEC, GCIH, GCFE, GPYC, GPEN, GMON) CompTIA (Sec+, CySA+)

Responsibilities

• Serve as an information systems security lead for information technology-related projects supporting the ME portfolio of programs.
• Ensure delivery of required RMF artifact elements for new information systems are compiled and provided to the respective ISSM to be included in RMF packages to be submitted for an ATO.
• Influence and guide team project teams architecting and designing information systems solutions in the employment of configuration options, processes and tools that align with applicable DoW policies and regulations.
• Collaborate with system engineers, developers and system administrators to resolve compliance issues through mitigation and remediation plans.
• Develop, assess, verify, and manage the implementation of information system security-related tools, measures and controls in compliance with applicable DoW and Corporate policies, standards and procedures.
• Periodically review existing systems for opportunities to reduce effort, risk and/or mistake-proof methods and procedures through process improvement.
• Architect automated technical solutions to enhance internal Continuous Monitoring strategies and improve process workflows.
• Lead the effort in closing out POA&M items for Enclave information systems that are associated with technology-related control items.
• Assist in developing and reviewing policies, plans, procedures, and standard work related to information systems security measures and configurations in accordance with applicable DoW policies and regulations tied to the Risk Management Framework (RMF).
• Assist in overseeing and managing the patch management process and execution across all security enclaves.
• Collaborate with peer GSC ISSEs and Corporate equivalents for alignment and sharing of best practices.
• Partner with other GSC ISSEs in participating in and supporting the threat intelligence program.
• Collaborate with GSC ISSE peers, corporate equivalents and the Insider Threat Program Security Officer (ITPSO) for alignment and sharing of best practices.
• In collaboration with the incident response manager, coordinate and/or perform incident response containment, eradication, and recovery tasks involving classified systems and/or spills of classified data to unauthorized systems.
• Support the respective security enclaves in information systems security-related inspection preparations as needed.
• In close collaboration with peer GSC ISSEs, assist in developing and maintaining standards for information security methods and tools.
• Work with the Enclave Senior Manager and Associate Direct, GSC Cybersecurity in authoring and maintaining associated training content.

Benefits

• medical
• dental
• vision
• life insurance
• short-term disability
• long-term disability
• 401(k) match
• flexible spending accounts
• flexible work schedules
• employee assistance program
• Employee Scholar Program
• parental leave
• paid time off
• holidays