Cyber Information System Security Engineer
Job Description Minimum Clearance Required to Start: Top Secret SCI w/Polygraph Job Description: Location: Chantilly, VA Category: Information Technology Cyber Information Systems Security Engineer Parsons is looking for a Cyber Information System Security Engineer to provide leading Information System Security Engineering (ISSE) support services to advanced customer systems, acquisitions, operations, and disposal. This Cyber ISSE will ensure that appropriate security engineering principles, concepts, methods, and practices are applied throughout the system lifecycle to achieve customer objectives for the protection of mission-critical assets; will reduce system vulnerabilities findings through requirements definition, system design, risk analysis, and secure operations; in accordance with NIST SP 800-160 Vol. 1. Duties may include: * Define system security requirements in coordination with security stakeholders including system engineers, program managers, security control assessors, and authorizing officials. * Develop or review system security designs and architectures. * Advise security engineers on best methods to remediate vulnerability findings through security scanning tools (Nessus, NMAP, Retina, WebInspect, Fortify) * Working experience with auditable events SIEM products such Splunk * Support engineering analysis of alternatives, tradeoffs, and risk treatment decisions. * Develop cybersecurity documentation in support of customer Risk Management Framework (RMF) process; in accordance with NIST SP 800-37 Rev 2. * Work with interdisciplinary teams to deliver trustworthy and secure systems. Required: * 8 years minimum of system and/or security engineering work performed in support of US Government customers subject to Intelligence Community Directive (ICD) 503. * Review and development of RMF Assessment and Authorization (A&A) documentation, eg System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POAMs). Desired: * Experience implementing NIST SP 800-53 Revision 4 security requirements and NIST SP 800-53A security assessment procedures. * Knowledge of Amazon C2S, SC2S, Commercial and GovCloud planning, design, and operations. * Knowledge of RSA Archer product * Strong initiative and communication skills. * Knowledge of Amazon of Web Services (AWS) C2S planning, design, and operations. * Awareness of Cloud C2E initiative * Engineering work performed in space-oriented mission environments. * Ground infrastructure and satellite knowledge * Microsoft Windows Server Active Directory (2012, 2016) * RedHat Linux; CentOS, Fedora * Virtualization Platforms: Hyper-V, VMware * VDI (Desktop), Citrix * Network engineering/design of LANs, WANs, MANs, including underlying routing protocols, and implementation. (TCP/IP, BGP, OSPF) * Knowledge of Cross Domain Solutions (CDSs). * Although not explicitly required, successful candidates typically have a BS or MS degree in a technical field or a ISC2 Certified Information Systems Security Professional (CISSP) certification with need to obtain ISC2 Information Systems Security Engineering Professional (ISSEP) Must be able to obtain, maintain and/or currently possess a security clearance.