Sr. Specialist, Information Security Systems Engineer

About The Position

Requirements

• Bachelor’s Degree and minimum 6 years of prior relevant experience. Graduate Degree and a minimum of 4 years of prior related experience. In lieu of a degree, minimum of 10 years of prior related experience.
• Secret Clearance is required for this role on day 1. Security clearances may only be granted to U.S. citizens. Additionally, applicants who accept a conditional offer of employment may be subject to government security investigation(s) and must meet eligibility requirements for access to classified information.
• No Dual Citizens for this role.

Nice To Haves

• Experience in configuration and use of cyber defense and vulnerability assessment tools such as ACAS and SCC.
• Possess DoD 8570.01-M IAT Level 2 certification (e.g. CySA+, GICSP, GSEC, Security+CE, SSCP, or CCNA Security) and DoD 8570.01-M IASAE Level 2 certification (e.g. CASP+ CE or CISSP (or Associate)).
• Experience in writing and managing RMF body of evidence documents (e.g., System Security Plan (SSP), Security Compliance Traceability Matrix (SCTM), Risk Assessment Report (RAR), Continuous Monitoring (ConMon) Plan, and Security Assessment Plans and Procedures (SAPP)).
• Experience in the content development and administration of Security Information and Event Management (SIEM)/audit reduction tools (e.g., Splunk).
• Experience with the application of Security Technical Implementation Guides (STIGs).

Responsibilities

• Generate and support NSA Contract Data Requirements Lists (CDRLs) including reviews and guidance.
• Demonstrate comprehensive knowledge of data flows (e.g., TCP/IP, OSI model), cyber security certification experience including NIST Risk Management Framework (RMF), NSA Type 1, and communications security experience (COMSEC, TRANSEC).
• Offer inputs to technical security needs for non-security team members to facilitate cross-functional design activities.
• Identify security risks, threats, and vulnerabilities of networks, systems, applications, and new technology initiatives (hardware, software, cross-domain solutions, cryptographic devices, firewalls, intrusion detection systems, anti-virus systems, and software deployment tools).
• Apply familiarity with TEMPEST procedures and testing processes.
• Evaluate, qualify, test, and deliver security architecture improvements, obsolescence replacement, compliance certification, and vulnerability response projects.