Senior Information Systems Security Engineer (ISSE)

About The Position

Requirements

• REQUIRES AN ACTIVE/EXISTING TS/SCI WITH CI POLYRAPH
• Exhibits advanced Windows administration capabilities and Linux proficiency for optimal system management
• Security credentials, certifications, and experience commensurate with the job description
• Practical experience deploying, maintaining, and troubleshooting security tools
• Demonstrates the ability to critically assess current practices, identify deficiencies, propose innovative solutions, and effectively implement these improvements
• Thrives in a fast-paced, complex environment; displays exceptional poise and an unwavering commitment to hard work
• Displays excellent problem-solving abilities and attention to detail
• Experience with each of the following security tools: Assured Compliance Assessment Solution (ACAS), Trellix, Splunk, and Security Technical Implementation Guide (STIG)'s
• Collaborate with stakeholders to identify security requirements and ensure alignment with organizational objectives
• Stay abreast of the latest security trends, technologies, and best practices to continually enhance the security posture of the information systems
• A Bachelor's Degree from an accredited institute in an area applicable to this position and four (4) years of relevant experience
• An additional four (4) years of relevant experience may be substituted for the bachelor's degree
• Must presently be 8570 compliant (IAT Level 2 preferred); must be 8570 compliant (IAT Level 2) by date of security indoctrination with any necessary continuing education (CE) for certification

Nice To Haves

• Familiar with tiered security environments (U, S, TS)
• Deep understanding of Trellix antivirus suite of products
• Knowledge of Splunk architecture and experience structuring multi-level queries
• Windows expert - capable of advanced Powershell scripting and general administrative functions
• Experience with one or more commercial government cloud service provider's system accreditation process
• Experience as a Cybersecurity Control Assessor for SAP
• Experience with Ongoing Authorizations and Assessments
• Experience with C2S Cloud, or DevOpsSec

Responsibilities

• Provides technical expertise to ensure the network systems meet DIA C&A and IA requirements and are properly certified and accredited
• Designs, develops, and recommends integrated security system and physical control solutions that will ensure proprietary/confidential data and systems are protected
• Assist team in DIA's Authorization and Accreditation (A&A) process using RMF across the design lifecycle for classified systems obtaining and maintaining Interim Authorization to Test (IATT), Authority to Connect (ATC) and Authorization to Operate (ATO)
• Offers technical engineering services for the support of integrated security systems and solutions, managing information-related risks effectively
• Works closely with the client during the strategic design process to translate security and business requirements into actionable technical designs
• Configures and validates secure systems and physical controls, and tests security products and systems to detect security weakness
• Develop comprehensive system test plans (STP) to assess the security posture of the information systems
• Analyze scan results and security findings to prioritize remediation efforts and implement corrective measures
• Participate in incident response activities and assist in the resolution of security incidents as needed