Cyber Information System Security Engineer
Job DescriptionMinimum Clearance Required to Start: Top Secret SCI w/Polygraph Job Description: Cyber Information Systems Security Engineer OVERVIEW: Provide leading Information System Security Engineering (ISSE) support services to advanced customer systems, acquisitions, operations, and disposal. Ensure that appropriate security engineering principles, concepts, methods, and practices are applied throughout the system lifecycle to achieve customer objectives for the protection of mission-critical assets. Reduce system vulnerabilities findings through requirements definition, system design, risk analysis, and secure operations; in accordance with NIST SP 800-160 Vol. 1 RESPONSIBILITIES: * Define system security requirements in coordination with security stakeholders including system engineers, program managers, security control assessors, and authorizing officials. * Develop or review system security designs and architectures. * Advise security engineers on best methods to remediate vulnerability findings through security scanning tools (Nessus, NMAP, Retina, WebInspect, Fortify) * Working experience with auditable events SIEM products such Splunk * Support engineering analysis of alternatives, tradeoffs, and risk treatment decisions. * Develop cybersecurity documentation in support of customer Risk Management Framework (RMF) process; in accordance with NIST SP 800-37 Rev 2. * Work with interdisciplinary teams to deliver trustworthy and secure systems. EXPERIENCE REQUIREMENTS: * 8 years minimum of system and/or security engineering work performed in support of US Government customers subject to Intelligence Community Directive (ICD) 503. * Review and development of RMF Assessment and Authorization (A&A) documentation, eg System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POAMs). ADDITIONAL PREFERRED EXPERIENCE AND SKILLS: * Experience implementing NIST SP 800-53 Revision 4 security requirements and NIST SP 800-53A security assessment procedures. * Knowledge of Amazon C2S, SC2S, Commercial and GovCloud planning, design, and operations. * Knowledge of RSA Archer product * Strong initiative and communication skills. ADDITIONAL PREFERRED EXPERIENCE (Cloud): * Knowledge of Amazon of Web Services (AWS) C2S planning, design, and operations. * Awareness of Cloud C2E initiative * Microsoft Azure * Google Cloud Services ADDITIONAL PREFERRED EXPERIENCE (Space): * Engineering work performed in space-oriented mission environments. * Ground infrastructure and satellite knowledge ADDITIONAL PREFERRED EXPERIENCE (Desktop Services): * Microsoft Windows Server Active Directory (2012, 2016) * RedHat Linux; CentOS, Fedora * Virtualization Platforms: Hyper-V, VMware * VDI (Desktop), Citrix ADDITIONAL PREFERRED EXPERIENCE (Network): * Network engineering/design of LANs, WANs, MANs, including underlying routing protocols, and implementation. (TCP/IP, BGP, OSPF) * Knowledge of Cross Domain Solutions (CDSs). EDUCATION: Although not explicitly required, successful candidates typically have a BS or MS degree in a technical field or a ISC2 Certified Information Systems Security Professional (CISSP) certification with need to obtain ISC2 Information Systems Security Engineering Professional (ISSEP) Must be able to obtain, maintain and/or currently possess a security clearance.