Information Systems Security Engineer - MEKS

COLSA Corporation•Huntsville, AL

14h

About The Position

This position is contingent upon contract award and funding General Summary Responsible for developing and ensuring secure testing practices for software releases supporting the Military Equipment Knowledge System (MEKS) onto cloud environments. Principal Duties and Responsibilities (Essential functions) Develop the necessary tests and security scans to support multiple MEKS software releases in a cloud environment. Build, secure, and deploy artifacts/images to deploy on the MEKS CI/CD pipeline. Secure the cloud environments by ensuring cloud configurations and settings are adhering to established security protocols. Ensure software development efforts are utilizing industry best practices. Develop, modify, or refine the necessary items for IATT/ATO procurement on all identified networks. Draft and deliver all IATT/ATO documentation necessary for RMF compliance into Xacta. Identify, evaluate, scope, and prioritize all necessary items and controls for RMF compliance and enter items into Xacta. Coordinate with the Cyber Team and technical team to develop an RMF process for control adherence. Support system security requirements, design security layout or architecture, and determine required security tools and existing tool functionality. Provide Continuous Monitoring (ConMon) to determine if the complete set of planned, required, and deployed security controls continue to be effective. Assess the security impacts by continuously monitoring logs, source code, inventories, and other items necessary for security compliance. Provides full assessment of system’s security posture. Performs security testing to verify cyber security integrity of the product. Designs and recommends mitigations. Develops security policies and procedures. May provide technical expertise and guidance to more junior team members. At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our “Family of Professionals!” Learn about our employee-centric culture and benefits here .

Responsibilities

Develop the necessary tests and security scans to support multiple MEKS software releases in a cloud environment.
Build, secure, and deploy artifacts/images to deploy on the MEKS CI/CD pipeline.
Secure the cloud environments by ensuring cloud configurations and settings are adhering to established security protocols.
Ensure software development efforts are utilizing industry best practices.
Develop, modify, or refine the necessary items for IATT/ATO procurement on all identified networks.
Draft and deliver all IATT/ATO documentation necessary for RMF compliance into Xacta.
Identify, evaluate, scope, and prioritize all necessary items and controls for RMF compliance and enter items into Xacta.
Coordinate with the Cyber Team and technical team to develop an RMF process for control adherence.
Support system security requirements, design security layout or architecture, and determine required security tools and existing tool functionality.
Provide Continuous Monitoring (ConMon) to determine if the complete set of planned, required, and deployed security controls continue to be effective.
Assess the security impacts by continuously monitoring logs, source code, inventories, and other items necessary for security compliance.
Provides full assessment of system’s security posture.
Performs security testing to verify cyber security integrity of the product.
Designs and recommends mitigations.
Develops security policies and procedures.
May provide technical expertise and guidance to more junior team members.