Information Systems Security Engineer

Information Systems Security Engineer

Requirements

• Ability to develop and interpret security architectures, data flow diagrams, and publications that depict the system(s) architecture.
• Experience with modern networks, operating systems, databases, and virtual computing.
• Ability to identify areas of non-compliance and propose solutions designed to fulfill operational requirements and meet cybersecurity requirements simultaneously.
• Thorough knowledge of RMF (Risk Management Framework), and process to end of an ATO (Authority to Operate).
• Thorough understanding of the living documents, how to address scans, how to update the plan of actions and milestones (POAM).
• Hands on experience with EMASS
• Must have the ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel and industry partners.
• Ability to teach and guide other cyber security personnel and engineers on the proper processes and procedures.
• Must possess a high degree of initiative and personal accountability requiring minimal supervision
• Demonstrate excellent written and oral communications skills; organizational and analytical skills; the ability to express thoughts clearly; and the ability to effectively collaborate in a team environment.
• Must currently possess an Active TS/SCI Clearance with Counterintelligence (CI) Polygraph.
• Requires a bachelor’s degree in a related field; Four additional years of relevant technical experience may be substituted for degree.
• 10+ years of prior relevant experience or an equivalent combination of training, work experience and, preferably, applicable military experience.
• At least five (5) years must be specialized experience including system security analysis and implementation; design assurance or testing for INFOSEC products and systems; integration or testing for INFOSEC products and systems
• Certified Information Systems Security Professional (CISSP)

Responsibilities

• Apply current systems security engineering methods, practices and technologies to the architecture, design, development, evaluation, and integration of systems to maintain system security.
• Reviews and understands the living documents, how to address scans; and how to update the plan of actions/milestones (POAM).
• Develop, implement, and enforce information systems security policies ensuring system security requirements are addressed during all phases of the acquisition and Information System (IS) lifecycle.
• Evaluate proposed security architectures and designs and provide input as to the adequacy of those security designs to meet required security compliance objectives.
• Contribute to the security planning, assessment, risk analysis, risk management, assessment & authorization activities for a large complex software intensive system.
• Support the Government to resolve conflicting system security engineering requirements.
• ISSE will be responsible for taking information from the vendor and update in EMASS.

Preferred Qualifications

• Experience with Twistlock and SonarQube.
• CISSP-ISSEP or CASP certification.