System Security Engineer - Senior

About The Position

Requirements

• Minimum of Eight (8) years of experience working in a cybersecurity related field
• Prior performance in roles such as ISSO, ISSM, ISSE/SSE or SCA
• Experience conducting security control assessments and/or implementation using NIST SP 800-53, NIST 800-171, ICD 503 and JSIG
• Must have the ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel and industry partners
• Demonstrated experience in Systems Engineering writing systems level requirements, architectures, and designs
• Knowledge and experience working in the Systems Engineering "V" Lifecycle framework
• Familiar with the Digital Engineering Environment including using Model Based Systems Engineering and Model Based Cyber Risk Assessment tools
• Strong analytical and problem-solving skills
• Ability to take the initiative to complete tasks with minimal supervision
• Experience in Secure Software Development Lifecycle
• Experience working on DISA Security Technical Implementation Guide (STIG) implementation across multiple operating systems and applications
• Must be a team player and be able to work within all levels of a project team
• Excellent time management, scheduling, and organizational skills
• Ability to work well independently as well as follow detailed instructions for completing tasks
• Demonstrated ability to complete tasks, drive projects to closure, assimilate and correlate project information in a fast-paced environment
• Demonstrated ability to shift from one project to another in a dynamic, agile work environment
• Excellent oral and written communication skills and ability to clearly translate client technical needs into technical specifications
• Ability to communicate technical approaches and details within small project teams, including team interactions and presentations
• Familiarity with security procedures while working in a SCIF/SAPF environment
• BS degree from an accredited university including classes in Computer Science, Computer/Electronics/Electronics Engineering, Cybersecurity or related fields
• Must meet position and certification requirements outlined in the DoDD 8570.01-M for Information Assurance Security Engineer (IASE) level 2
• Possess an active Top Secret security clearance, based upon a Single Scope Background (SSBI/SBPR).
• Must be eligible for Sensitive Compartmented Information (SCI) and Special Access Programs (SAP) access.

Nice To Haves

• Experience with aircraft avionics, system engineering or aircraft maintenance
• Prior work and experience working with aircraft, weapons or command & control systems
• Experience with various Security Content Automation Protocol (SCAP) tools such as Assured Compliance Assessment Solution (ACAS) (Nessus) and SCAP Compliance Checker (SCC)
• Experience using Security Incident and Event Management (SIEM) programs
• Experience with performing Mission Based Cyber Risk Assessments including the MRAP-C, Cyber Table Top or Blue Book

Responsibilities

• Serve as technical expert to the Cybersecurity Assessment Program providing technical direction, interpretation and alternatives to complex problems.
• Develop procedures for implementation and validation to integrate effective security designs into system architectures.
• Perform information system security engineering tasks, ensuring that information security requirements are properly implemented throughout the processes of security architecture, design, development, configuration, and implementation.
• Develop, implement, and enforce information systems security policies ensuring system security requirements are addressed during all phases of the acquisition and Information System lifecycle
• Review, analyze and validate system security designs within embedded avionics systems to validate security control and architecture implementations
• Conduct certification and testing in accordance with the Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) policy; identify deficiencies and provide recommendations of risk mitigation to customer.
• Employ best practices when implementing security controls, including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques
• Integrate/Develop new techniques to improve Confidentiality, Integrity, and Availability for networks/systems operating at various classification levels
• Assist program managers, system engineers and cyber test engineers in conducting Mission Based Cyber Risk Assessments
• Participate in program protection analyses for program and system information, CPI, and critical components. Coordinate with the Anti- Tamper Executive Agent and test team to define AT requirements are implemented into system designs· Identify points of vulnerability, non- compliance with established cybersecurity standards and regulations, and recommend mitigation strategies
• Identify points of vulnerability, non-compliance with established cybersecurity standards and regulations, and recommend mitigation strategies
• Apply knowledge of cybersecurity policy, procedures, and workforce structure to implement secure networking, computing, and enclave environments
• Perform system or network designs that encompass multiple enclaves to include those with differing data protection/classification requirements
• Work closely with customers and vendors to provide expert level consultation and technical services on all aspects of System Security Engineering.
• Respond to technical issues in a professional and timely manner.