Information Systems Security Engineer (ISSE)

Full Scope•Annapolis Junction, MD

13d

About The Position

We are seeking an experienced Information Systems Security Engineer (ISSE) to join our team. In this role, you will perform technical security assessments of computing environments, identify vulnerabilities and non-compliance with established Information Assurance (IA) standards and regulations, and recommend effective mitigation strategies. You will be responsible for validating and verifying system security requirements, establishing system security designs, and integrating IA and security systems into networking, computing, and enclave environments. Additionally, you will contribute to security planning, risk analysis, certification and accreditation activities, and ensure compliance with relevant security policies and frameworks.

Requirements

Twenty (20) years of experience as an ISSE on programs and contracts of similar scope, type, and complexity.
Bachelor's degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline from an accredited college or university.
DoD 8570 compliance with IASAE Level 3 certification is required.
Both Information Systems Security Engineering Professional (ISSEP) and CISSP certifications are required.
A Master's degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline may substitute for two (2) years of experience, reducing the requirement to eighteen (18) years of experience.
Four (4) years of additional ISSE experience may be substituted for a bachelor's degree.
Demonstrated experience in creating, updating, and maintaining System Security Plans (SSPs).
Familiarity with the requirements of Special Test Equipment (STE) and its management in relation to SSPs.
Experience in maintaining waivers on SSPs.
Proficiency in working with DSOs (Designated Security Officers).

Responsibilities

Conduct technical security assessments of computing environments to identify vulnerabilities and non-compliance with IA standards and regulations.
Recommend and implement mitigation strategies to address identified vulnerabilities.
Validate and verify system security requirements and establish system security designs.
Develop, implement, and integrate IA and security systems and components for networking, computing, and enclave environments.
Incorporate IA principles and practices into systems deployed in operational environments.
Collaborate with architects and systems developers to ensure consistent application of security policies and enterprise solutions.
Assist in the development of security architectures and establish trusted relations among external systems and architectures.
Assess and mitigate system security threats and risks throughout the program life cycle.
Support security authorization activities in compliance with relevant frameworks and processes.
Review and provide feedback on certification and accreditation (C&A) documentation.
Apply expertise in system security engineering principles and practices, including risk management, intrusion detection, incident handling, configuration control, and auditing.
Ensure adherence to the principles of IA, including confidentiality, integrity, non-repudiation, availability, and access control.
Collaborate with cross-functional teams to support the implementation of security measures.