Principal Information System Security Engineer

About The Position

Requirements

• U.S. citizen with active TS clearance with SCI and SAP eligibility
• Current DoDM 8570 IAT Level II or Level III certification, or DoD 8140.01 intermediate certifications under the "Security Architect" role
• 5-8 years experience working as an network/system administrator, system engineer, or ISSE
• Proven RMF ability, with at least two years of specialized experience in at least one the following:
• Cloud (prefer Azure or AWS)
• CI/CD
• Government software development / DevSecOps
• IaC
• TS / SAP environments
• Offensive or defensive cyberspace operations
• Has experience with, and is confident in, auditing and performing control assessments
• Fluent in understanding RMF as it pertains to classified systems
• Solid understanding of the systems development life cycle
• Exceptional verbal, written, interpersonal and presentation skills, customer relationship building skills, analytical skills and ability to lead/mentor teammates
• Independent and diligent with their assigned work
• Experience using scanners (e.g., ACAS, Nessus, SonarQube)
• Experience with integrating technologies and security solutions on information systems
• Demonstrated experience taking a package from RMF step 0-7 and being granted an ATO on at least one system

Nice To Haves

• Any of the following:
• Cloud Security Certifications
• CCSP: Certified Cloud Security Professional
• Microsoft Certified: Azure Security Engineering Associate
• AWS Certified Security - Specialist
• Security Engineering/Architecture Certifications
• CISSP-ISSAP: Certified Information Systems Security Professional – Information Systems Security Architecture Professional
• CISSP-ISSEP: Certified Information Systems Security Professional – Information Systems Security Engineering Professional
• GDSA: GIAC Defensible Security Architecture
• FITSP-D: Federal IT Security Professional - Designer
• Software Development Security Certification
• CSSLP: Certified Secure Software Lifecycle Professional
• Orchestration Certification
• CKA: Certified Kubernetes Administrator
• Certified Container Security Expert
• Can identify needed changes to processes and activities and help to implement continuous improvement solutions
• Experience creating various types of vulnerability and assessment scans with multiple tools
• Experience using eMASS or Xacta

Responsibilities

• Manage and develop artifacts required to obtain a government continuous authorization to operate.
• Develop and integrate cybersecurity best practices for Kubernetes clusters and DevOps pipelines.
• Create and update artifacts (e.g., SSP, hardware/software lists, PPSM, SCTM).
• Maintain communication with project engineers on the implementation of security controls and policy enforcement turning Risk Management Framework security controls into technical requirements for delivery by software and platform engineers.
• Engage with the security control assessor from the authorizing official’s office to support authorization assessments.
• Support the implementation of technologies into the CI/CD processes and systems to establish secure-by-default standards.
• Recommend security solution mitigations and enhancements supporting information assurance guidelines and customer requirements.
• Perform vulnerability/risk/security impact analysis of cloud CI/CD development systems, applications, networking, and orchestration during all phases of the system development life cycle.
• Provide input into an audit and accountability plan containing methods, procedures, and planned reviews for the continuing accreditation.
• Ensure that all information systems meet or exceed compliance requirements.
• Identify, report, and ensure the resolution of security violations.
• Monitor and review the regular updates/upgrades to equipment and procedures to maintain pace with information assurance requirements and business needs.