ISSO Engineer

Dulles, VA
Jun 20, 2017
Jun 21, 2017
Full Time
Raytheon IIS/GIS provides Operations and Maintenance support for the Intelligence CommunityThis A&A Engineer will serve as an Information Systems Security Officer (ISSO) and will be responsible for security processes and implementation supporting a large customer on a new multi-year contract. Responsibilities include the performance, review, and conduct of technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies to the team. The ideal candidate should have at 6-8 years engineering experience. Of that experience, 3-5 years must be specific to Information Assurance and experience with implementing and authorizing large scale systems. This position is targeted for both dedicated support roles and short term reactive support and proactive engagements where occasional, 2-7 day trips to other customer facilities may be required 2-3 times per year. Required Skills: This position is a challenging role in a multi-contractor team supporting a fast moving program for multiple customers and/or projects. This requires expertise in Information Assurance and Assessment & Authorization for a large scale, distributed environment. You will be required to work directly with our Customers as well as provide occasional consulting on related projects including occasional proposal support. This role requires a self-starting engineer that can work either individually or as part of a team. Required skills include: * Expert knowledge and experience in A&A with ICD-503 * Knowledge of NIST 800-53, DIACAP, and DODIIS security requirements * Experience with system hardening including STIGs * Proficiency in validating and verifying system security requirements definitions and analysis and establishes system security designs for controls * Ability to design, develop, implement and/or integrate IA and security systems and system components including those for networking, computing, virtualization, cloud, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements * Experience with building IA into systems and services deploying into operational environments at multiple classification levels * Ability in assisting architects and services developers in the identification and implementation of appropriate information security controls and potential security functionality to ensure uniform application of security policy and enterprise solutions. * Experience with assessing and mitigating system security threats/risks throughout the program life cycle. * Knowledge of security planning, assessment, risk analysis, risk management, and awareness activities for system and networking operations. * Experience with creating and reviewing A&A Body of Evidence documentation, providing feedback on completeness and compliance of its content. Develops and executes Security Test Plan (STP) in close cooperation with team members. Required Education : BS in IA/Cyber Security/Computer Science or equivalent technical degree and 3-5 years of experience in a similar role. Desired Skills: Strong demonstrable development experience/expertise in one or more of the following technologies is desirable: * Strong knowledge and experience with NIST SP 800-53 and associated security controls implementation and verification * Proficiency in scanning systems and assisting the team in remediating vulnerabilities * Proficiency in the development and maintenance of System Security Plans, Security Compliance Traceability Matrix, Security Test Plans, and Plan of Action & Milestones * Strong Windows administration and hardening experience * Strong network and host security background in Windows * Hyper-V, SCCM, WSUS, and patching experience * Outstanding communication skills including verbal and written; Word, PowerPoint, Excel, Visio, Project, and other tools to communicate with peers and customers at all technical levels * Ability to communicate effectively with senior management in government and contractor teams * Experience ensuring systems comply with key government security requirements and demonstrate that through verification testing with government security stakeholders * Experience working on and supporting classified networks * Familiarity with cloud and virtual hosting environments Pluses: * Experience implementing a ICD-503 based A&A processes using XACTA * Security architecture design experience * Experience with ACAS, and other scanning tools * Masters degree in IA/Cyber Security/Computer Science * Active Directory (architecture, design, disaster recovery and troubleshooting), IIS and ISA. * Debugging skills in the Windows Platform * Background with Windows 7 and Windows 10 client * Experience with network captures and network troubleshooting Certifications: ITIL V3 Foundations is desired DoD 8570 certification (Security+) Advanced IT certifications-- technical certifications such as CISSP, RHCE, CCIE, SANS, etc. is a plus 97018

Similar jobs

More searches like this