Senior Information Security Systems Engineer

Senior Information Security Systems Engineer

Requirements

• Bachelor of Science degree from an accredited university ideally in Computer Science, Information Assurance, Information Security System Engineering or related field
• Minimum of 20 years of experience as an Information Systems Security Engineer (ISSE) or System Engineer on programs and/or contracts with the customer space
• CISSP certification required
• CISSP – ISSEP DoD approved 8570 baseline certification for Level III position only
• Strong writing skills
• Confidence and ability to present briefing to senior level DoD officials in both prepared briefings and/or in ad hoc discussions
• Expertise in the Risk Management Framework (RMF) and conducting cybersecurity risk assessments
• Expertise in network technology and systems security engineering
• Experience in identifying, researching, characterizing, and documenting security weaknesses related to operating systems, software applications, firmware, network hardware components, as well as network architecture design
• Experience developing and documenting system security requirements and conducting requirements gap analysis
• Experience with security monitoring and incident response capabilities
• Experience with emerging technologies such as Zero Trust, Cloud Computing, etc.
• Knowledge of, and practical experience with the NIST Special Publications 800 Series, CNSSI 1253, and DoD 8500
• Ability to work independently within a schedule and with little direction.

Responsibilities

• Conduct cybersecurity risk assessments and provide prioritized risk mitigation recommendations in support of the customer’s mission.
• Support the design, implementation, and operation of real-time capabilities to discover, detect, analyze, and mitigate threats and vulnerabilities.
• Analyze candidate architectures by evaluating against defined security requirements to identify security gaps, and provide recommended mitigation strategy.
• Research and evaluate candidate emerging technologies to determine cybersecurity effectiveness.
• Aid stakeholders through the development, refinement, delivery, and implementation of innovative solutions and capabilities.
• Engage stakeholders to ensure security objectives, protection needs, security requirements and associated validation methods are defined.
• Validates and verifies system security requirements definitions and analysis and establishes system security design.
• Designs, develops, implements and/or integrates IA and security systems and system components including those for networking, computing and enclave environment to include those with multiple enclaves and with differing data protection/classification requirements.
• Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions.
• Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations.
• Reviews C&A documentation, providing feedback on completeness and compliance of its content.

Preferred Qualifications

No preferred qualifications provided.