Mid/Senior Information Systems Security Engineer

About The Position

Requirements

• Must have demonstrated knowledge of and experience with common security tools, such as Nessus, NMAP and Wireshark hardware/software security implementation, communication protocol, encryption techniques/tools, and web services
• Must have experience with secure configurations of commonly used desktop and server operating systems
• Must be comfortable working on multiple systems and components simultaneously in various configurations
• Must have strong verbal and written communications skills
• Must be committed to adopting and adhering to best practices
• Must be able to effectively plan and prioritize tasking and communicate clearly regarding technical options and trade-offs
• Must be capable of performing high quality work both independently and with a team in a fast-moving environment

Nice To Haves

• TS/SCI Clearance with polygraph within the last 6 yrs.
• Must be cleared with the MD Customer
• Bachelor's degree or Master's Degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline
• Five (5) years of experience with Defense in Depth Principals/technology (including access control, authorization, identification and authentication, public key infrastructure, network and enterprise security architecture) and applying risk assessment methodology to system development
• Experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response
• Experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass the development, design, and implementation
• Experience with penetration testing tools
• Experience with scripting languages

Responsibilities

• Validating and verifying system security requirements and establishing system security designs for large-scale systems, major system elements, and interfacing systems that are part of a large complex network environment with geographically distributed components.
• Identifying and implementing appropriate information security architectures and functionality to ensure uniform application of security policy and enterprise solutions.
• Recommending and developing technical solutions, products, and standards based on current and desired system security architecture.
• Assessing and mitigating system security threats and risks throughout the program life cycle.
• Leading and/or contributing to the security planning, assessment, risk analysis, risk management, certification and awareness activities for various system and networking operations.
• Effectively collaborating with other internal technical experts on a day-to-day basis.
• Communicating with Program Managers and POCs from customer organizations when necessary, regarding Security issues of significant importance.
• Participating in Program Increment Planning and related agile team activities.
• Working closely with System Engineering, Test Engineering, and Integration teams to ensure that the hardware and software architecture and implementation meets security requirements.
• Analyzing and assessing system implementation against multiple security compliance policies and recommending and implementing enhancements.
• Evaluating security solutions to ensure they meet customer specified requirements for processing information.
• Evaluating the impact of new development on the operational security posture of the system.
• Evaluating, reviewing, and testing critical software.
• Proposing, assessing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.
• Auditing and assessing system security configuration settings using common methodologies and tools.
• Managing and enforcing security strategies and policies that effect various components of geographically distributed systems.
• Providing configuration management for security-relevant information system software.
• Serving as a subject matter expert in security architecture to include providing advice to Program Managers, Customer technical experts, and internal program teams.
• Formulating security compliance requirements for new system features.
• Identifying and remediating security issues throughout the system.
• Supporting risk assessment, risk management, security control assessment, continuous monitoring, service design, and other IA program support functions.
• Working with development teams to enrich team-wide understanding of different types of vulnerabilities, attack vectors and remediation approaches.
• Planning and conducting security verification testing of relevant type 1 devices.

Benefits

• 8 weeks paid leave - 4 weeks of personal leave, 3 Yay! days, take off on your birthday,11 paid holidays and optional leave up to 6 days through Belay's volunteer program
• 10% matching in 401(k) contributions vested on day one
• $5,000 annual training/tuition
• Student Loan Repayment Program
• 100% company-funded HSA
• Rich medical coverage (100% coinsurance)
• Dental coverage including orthodontia
• Up to $420,000 in life insurance, premiums 100% company funded
• Amazon Prime, gym reimbursement, monthly lunches, games and prizes
• Pet adoption program, generous referral bonus program, fun events, and more!