Information Systems Security Engineer (level 3)

About The Position

Requirements

• Bachelor’s (BA) degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline from an accredited college or university is required.
• TS/SCI with Polygraph
• Level 3: Twenty (20) years’ experience as an ISSE on programs and contracts of similar scope, type, and complexity - or twenty-four (24) years’ experience with no BA.
• DoD 8140.03 compliance with IASAE Level 3 is required.
• Information Systems Security Engineering Professional (ISSEP) and CISSP Certifications.

Nice To Haves

• Experience manually reviewing network diagrams, network device configurations, termination points for VPNs, and a working knowledge of software TLS security.
• Able to maintain a flexible and non-traditional RMF review of secure networks to assess and prescribe countermeasures for secure communications e.g. analog radio, mobile cellular, remote kits, software/hardware-based VPN solutions and VDI technologies.
• Familiar with applying different standards and security frameworks to include CIS benchmarks, FIPS 140-2, DISA Stigs, CNSA cryptographic suite compliance, etc.
• Participated as a security engineering representative on engineering teams for the design, development, implementation and/or integration of secure networking, computing, and enclave environments.
• Participated as a security engineering representative on engineering teams for the design, development, implementation and/or integration of IA architectures, systems, or system components.
• Supported the Government in the enforcement of the design and implementation of trusted relationships among external systems and architectures.
• Applied knowledge of IA policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments.
• Supported security planning, assessment, risk analysis, and risk management.
• Identified overall security requirements for the proper handling of Government data.
• Performed system or network designs that encompass multiple enclaves, to include those with differing data protection/classification requirements.
• Provided security planning, assessment, risk analysis, and risk management.
• Recommended system-level solutions to resolve security requirements.
• Supported the Government in the enforcement of the design and implementation of trusted relationships among external systems and architectures.

Responsibilities

• Facilitate sub-projects as they go through the Risk Management Framework (RMF) accreditation life cycle.
• Support the periodic system security scans as required by policy and the RMF.
• Validate and verify system security requirement definitions and analyze system security designs.
• Perform technical security assessments of computing environments to identify points of vulnerability, and then recommend mitigation strategies for those that do not comply with established Information Assurance (IA) standards.
• Manually reviewing network diagrams, network device configurations, termination points for VPNs, and a working knowledge of software TLS security.
• Maintain a flexible and non-traditional RMF review of secure networks to assess and prescribe countermeasures for secure communications e.g. analog radio, mobile cellular, remote kits, software/hardware-based VPN solutions and VDI technologies.
• Applying different standards and security frameworks to include CIS benchmarks, FIPS 140-2, DISA Stigs, CNSA cryptographic suite compliance, etc.
• Participated as a security engineering representative on engineering teams for the design, development, implementation and/or integration of secure networking, computing, and enclave environments.
• Participated as a security engineering representative on engineering teams for the design, development, implementation and/or integration of IA architectures, systems, or system components.
• Supported the Government in the enforcement of the design and implementation of trusted relationships among external systems and architectures.
• Applied knowledge of IA policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments.
• Supported security planning, assessment, risk analysis, and risk management.
• Identified overall security requirements for the proper handling of Government data.
• Performed system or network designs that encompass multiple enclaves, to include those with differing data protection/classification requirements.
• Provided security planning, assessment, risk analysis, and risk management.
• Recommended system-level solutions to resolve security requirements.
• Supported the Government in the enforcement of the design and implementation of trusted relationships among external systems and architectures.

Benefits

• healthcare
• wellness
• financial
• retirement
• family support
• continuing education
• time off benefits
• flexible time off benefit
• robust learning resources