Information Systems Security Engineer (ISSE) / Penetration Tester - FULLY CLEARED with POLYGRAPH REQUIRED
Constellation Technologies•Annapolis Junction, MD
About The Position
This role is for an Information Systems Security Engineer (ISSE) / Penetration Tester who requires full clearance and a polygraph. The position involves extensive experience in both ISSE and Penetration Testing, with a strong understanding of security tools, hardware/software security implementation, communication protocols, encryption techniques, and web services. The candidate will apply Risk Management Framework (RMF), conduct vulnerability testing, and ensure secure configurations of operating systems. Responsibilities include developing and implementing integrated security services management processes, providing information assurance support for application development, and performing system security certifications. The role requires the ability to work on multiple systems simultaneously, plan and prioritize tasks effectively, and communicate technical options and trade-offs clearly. High-quality work is expected both independently and as part of a team in a fast-paced environment.
Requirements
- Must be a US Citizen
- Must have TS/SCI clearance w/ active polygraph
- Must have ten (10) years of experience with both ISSE and Penetration Testing
- Extensive, demonstrated knowledge of and experience with common security tools, such as Nessus, NMAP and Wireshark
- Extensive knowledge of hardware/software security implementation, communication protocol, encryption techniques/tools, and web services
- In-depth understanding and extensive experience with security practices and policies
- Hands-on vulnerability testing using Tenable Nessus scanning products and/or NMAP (Network Mapper)
- Experience with Defense in Depth Principals/technology, including access control, authorization, identification and authentication, public key infrastructure, network and enterprise security architecture, and applying risk assessment methodology to system development
- Experience applying Risk Management Framework
- Experience formulating and assessing IT security policy
- Experience with secure configurations of commonly used desktop and server operating systems
- Experience with penetration testing tools
- Experience developing and implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response
- Experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass system development, design, and implementation
- Comfortable working on multiple systems and components simultaneously in various configurations
- Able to effectively plan & prioritize tasking
- Able to communicate clearly regarding technical options and trade-offs
- Capable of performing high quality work both independently and with a team in a fast-moving environment
Nice To Haves
- Bachelor's degree in Computer Science, Information Assurance, Information Security System Engineering, or a related discipline
- DoD 8570 compliance with IASAE Level 2 or 3
- Information Systems Security Engineering Professional (ISSEP) Certification
- Computer Information Systems Security Professional (CISSP) Certification
- Experience with scripting languages
- GIAC Web Applications Penetration Tester (GWAPT) Certification
- GIAC Penetration Tester (GPEN) Certification
- Certified Ethical Hacker (CEH) Certification
- Certified Information Security Manager (CISM) Certification
- Certified Web Application Defender (GWEB) Certification
- Certified Information System Security Professional (CISSP) Certification
Responsibilities
- Conducting penetration testing and vulnerability assessments using tools like Nessus and NMAP.
- Implementing and assessing IT security policies.
- Ensuring secure configurations of desktop and server operating systems.
- Developing and implementing integrated security services management processes, including network penetration testing, anti-virus planning, risk analysis, and incident response.
- Providing information assurance support for application development, including system security certifications and firewall evaluations.
- Applying Risk Management Framework (RMF).
- Applying Defense in Depth Principles/technology, including access control, authorization, identification and authentication, public key infrastructure, network and enterprise security architecture.
- Planning and prioritizing tasks effectively.
- Communicating clearly regarding technical options and trade-offs.
- Performing high-quality work independently and with a team in a fast-moving environment.
Benefits
- Affordable healthcare options with 80% employer paid premium PLUS a company-funded HSA
- Comprehensive Dental package
- Vision with 80% employer paid premium
- Employer paid Life insurance 100%
- Employer paid Short-term and Long-term disability 100%
- Annual training, continued education, and professional memberships reimbursement
- Unlimited access to Red Hat Enterprise Linux, AWS, and NetApp training and accreditation
- Annual reimbursement for technology i.e. phones, computers, printers, etc.
- 401(k) with company match up to 5% with 100% immediate vesting (after 90 days of employment)
- Professional development investment and paid time off for training
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Senior
