Information Systems Security Engineer
Candidate must have TS SCI with Poly
Our client is prime on a government program. The ISSE will join a small team in a consultant like role providing technical knowledge, expertise and advice to our customer.
Day to Day Responsibilities:
The ISSE shall perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established IA standards and regulations and recommended mitigation strategies. This role will primarily involve writing, so the Engineer should be comfortable in this type of role.
The ISSE will be responsible to design, develop, implement and/or integrate IA and security systems and system components including those for networking, computing and enclave environment to include those with multiple enclaves and with differing data protection/classification requirements. They will assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions
Other responsibilities include:
- Validates and verifies system security requirements definitions and analysis and establishes system security design
- Builds IA into systems deployed to operation environments
- Supports the building of security architectures
- Enforces the design and implementation of trusted relations among external systems and architecture
- Assesses and mitigates system security threats/risk throughout the program life cycle
- Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations
- Reviews C&A documentation, providing feedback on completeness and compliance of its content
- Applies system security engineering expertise to multiple functions and scenarios
- BS and 14 years of Information Security Engineering experience with strong writing skills (4 years of extra experience will work in place of BS)
- MUST have CISSP (or similar)
- Confidence and ability to present briefing to senior level DoD officials in both prepared briefings and/or in ad hoc discussions.
- Experience in identifying, researching, characterizing, and documenting security weaknesses related to operating systems, software applications, firmware, network hardware components, as well as network architecture design and documented policies and procedures.
- Knowledge of, and practical experience with the NIST Special Publications 800 Series, CNSSI 1253, and DoD 8500.
Job Type: FT