Senior Information Systems Security Engineer

About The Position

Requirements

• Active TS/SCI with polygraph.
• Bachelor of Science degree from an accredited university ideally in Computer Science, Information Assurance, Information Security System Engineering or related field with a minimum of 14 years of experience as an Information Systems Security Engineer (ISSE) or System Engineer on programs and/or contracts with the customer space
• CISSP OR CASP+ certification required
• Confidence and ability to present briefing to senior level DoD officials in both prepared briefings and/or in ad hoc discussions.
• Expertise in the Risk Management Framework (RMF) and conducting cybersecurity risk assessments
• Expertise in network technology and systems security engineering.
• Experience in identifying, researching, characterizing, and documenting security weaknesses related to operating systems, software applications, firmware, network hardware components, as well as network architecture design to identify protection needs and documented policies and procedures.
• Experience developing and documenting system security requirements and conducting requirements gap analysis.
• Experience with security monitoring and incident response capabilities
• Experience with emerging technologies such as Zero Trust, Cloud Computing, etc.
• Knowledge of, and practical experience with the NIST Special Publications 800 Series, CNSSI 1253, and DoD 8500.
• Ability to work independently within a schedule and with little direction.

Responsibilities

• Conduct cybersecurity risk assessments and provide prioritized risk mitigation recommendations in support of the customer’s mission.
• Support the design, implementation, and operation of real-time capabilities to discover, detect, analyze, and mitigate threats and vulnerabilities.
• Analyze candidate architectures by evaluating against defined security requirements to identify security gaps, and provide recommended mitigation strategy.
• Research and evaluate candidate emerging technologies to determine cybersecurity effectiveness.
• Aid stakeholders through the development, refinement, delivery, and implementation of innovative solutions and capabilities.
• Engage stakeholders to ensure security objectives, protection needs, security requirements and associated validation methods are defined.
• Validates and verifies system security requirements definitions and analysis and establishes system security design
• Designs, develops, implements and/or integrates IA and security systems and system components including those for networking, computing and enclave environment to include those with multiple enclaves and with differing data protection/classification requirements
• Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions
• Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations
• Reviews C&A documentation, providing feedback on completeness and compliance of its content