Information Assurance Engineer

Reston, VA
Jun 19, 2021
Jun 21, 2021
Engineer, IT, QA Engineer
Full Time
Description Job Description: he selected candidate will join the CATALYST Team as the Information Systems Security Engineer (ISSE), providing systems engineering support for cloud-based projects. The role of the ISSE is to bridge the gap between high-level security policies/requirements and technical/operational implementation of those requirements. The ISSE will work directly with Sponsor Information Security personnel to ensure their requirements are understood. The ISSE will then provide hands-on guidance to Scrum Masters and their development teams to ensure the requirements are fulfilled. This position requires a person that can perform within a team but can also work independently with minimal guidance as situations arise. Our team uses a wide variety of commercial Amazon Web Services (AWS) to deliver critical Mission functions to Production using agile development principles. CATALYST provides services to build prototypes of new AWS cloud-based technical capabilities, and bring those capabilities through the full software development lifecycle including agile development, system test, and transition to operations (SecDevOps). This includes all services required to support application development, systems engineering, cloud services, COTS integration, and ongoing operations and maintenance. Primary Responsibilities * Oversee projects submitted for system security accreditation, from pre-submittal to final customer approval. * Conduct assessments of existing IT architecture for compliance with security requirements from applicable security frameworks and Sponsor requirements. * Produce high-quality documentation to support the System Security Accreditation process, such as bodies of evidence (BOEs), systems concept of operations, and system security plans (SSPs). * Serve as subject matter expert (SME) to Development teams as they address Plan of Actions and Milestones (POA&M) resulting from security scans. Basic Qualifications * Bachelor's degree and 12 years of relevant experience. Work experience can be used in lieu/combined with degree * Currently holds an active clearance with the US Government sponsor (TS/SCI with Poly) * 5 years of experience leading efforts to achieve system accreditation through the Sponsor's process. This should include creation of bodies of evidence (BOEs) and related documentation required to obtain authorization to operate (ATO). * Understanding of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) * Understanding of information security principles and risk assessment techniques * Strong analytical skills and attention to detail. * Able to interview engineers on technical subject matter as well as brief executive- level stakeholders. * Able to work as part of a small team and communicate technical details a manner that non-technical customer staff will understand concepts and objectives. * Knowledge of lifecycle process for software development, web applications, and system implementation Preferred Qualifications * Experience in ISSO/ISSM responsibilities or working closely with ISSO/ISSM personnel. * Experience in AWS, security engineering, encryption, and networking. * Experience using security scanning applications similar to Tenable Security Center (NESSUS), WebInspect or AppDetectivePro. * Experience with continuous monitoring, especially in the context of the Risk Management Framework (RMF) or SecDevOps * Experience with system monitoring services (eg, AWS CloudWatch, Splunk) * Experience working within the Open Source Enterprise (OSE) External Referral Bonus: Eligible Potential for Telework: No Clearance Level Required: Top Secret/SCI with Polygraph Travel: No Scheduled Weekly Hours: 40 Shift: Day Requisition Category: Professional Job Family: Information Assurance Pay Range:

Similar jobs