Information Systems Security Engineer

About The Position

Requirements

• Minimum of 5 years with BS/BA; Minimum of 3 years with MS/MA
• 9 years of relevant experience will be considered in lieu of a degree
• Experience supporting security and compliance programs in federal sector focused on delivering complex Security IT solutions, resolving business challenges through technical implementation.
• Experience in analysis, assessment, design, and implementation of enterprise Cybersecurity solutions.
• Experience with Information Assurance (IA) hardening and compliance, i.e. DISA STIG & NIST 800-53 compliance, documentation.
• Experience working within a distributed virtual team environment, with proficiency in remote collaboration tools and practices.
• 3 + years of experience with the NIST SP 800-53 security controls, Risk Management Framework (RMF ) and system A&A processes.
• Experience working in Scaled Agile Framework ( SAFe ) environments or similar Agile methodologies.
• Experience in Agile/ DevSecOps and ZTA methodologies
• Ability to obtain and hold a Public Trust clearance – US Citizenship is
• CISSP or comparable certification (e.g., C EH , CISM, CISA, GSLC)

Nice To Haves

• N etwork and firewall engineering experience with designing, implementation, and maintaining layer 2 and 3 networking devices and/or firewall devices.
• Experience with Jira/ Confluence Atlassian tools
• K nowledge of the OSI 7-layer model, TCP/ IP and common application layer protocols.
• Experience supporting NOAA, NASA, or national space mission programs, particularly ground systems.
• Prior experience with Configuration Management and Quality Assurance processes for new programs or large system deployments.
• Active Public Trust clearance.

Responsibilities

• Ensures system security needs are established and maintained for operations development, security requirements definition, security risk assessment, systems analysis, systems design, security test and evaluation, assessment and authorization , systems hardening, vulnerability testing and scanning, incident response, disaster recovery, and business continuity planning.
• Develops and maintains security documentation to include System Security Plan (SSP), FIPS 199 , FIPS 200 and other associated compliance documentation
• Provides analytical support for security policy development and analysis.
• May interface with external entities including law enforcement, intelligence and other government organizations and agencies.
• Support in A&A assessments, ATO authorizations, security documentation, and regular scans/tests/patches .
• Support the NOAA cyber security mission by building, configuring, troubleshooting, and updating the network security capabilities that protect NOAA core networks and information.
• Monitor network connectivity and ensure high quality data transmission using standard network tools.