Information Systems Security Engineer (ISSE)

Columbia, MD, 1099, W2

The Information Systems Security Engineer shall perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies.

Responsibilities

  • Validate and verify system security requirements definitions and analysis and establishes system security designs
  • Design, develop, implement and/or integrate IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements
  • Build IA into systems deployed to operational environments
  • Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions
  • Support the building of security architectures
  • Enforce the design and implementation of trusted relations among external systems and architectures
  • Assess and mitigate system security threats/risks throughout the program life cycle
  • Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations
  • Review security architectures, firewall configurations, IDS/IPS, and security controls for new and proposed systems
  • Prevent and detect and resolve risks to high value assets early
  • Develop and manage strategic and tactical physical, personnel and procedural security programs
  • Architect, design, implement, support, and evaluate security-focused tools and services including project leadership roles
  • Provide software vulnerability remediation advice to software developers and software development teams
  • Implement security vulnerability testing tools to provide continuous monitoring and patch verification
  • Test and evaluate products in a lab environment
  • Review certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content
  • Provide input into the development of security policies and procedures
  • Provide detailed security recommendations for the secure development and maintenance of systems
  • Evaluate and recommend new and emerging security products and technologies
  • Provide security operations support as needed
  • Participate in projects that develop new intellectual property
  • Evangelize security within the organization and be an advocate for customer trust

Requirements

  • TS/SCI FSP Clearance
  • Knowledge of 8570 controls, testing information systems for compliance of the controls, and the creation of test cases
  • Knowledge of incident response and the creation, execution, and reporting of such activities
  • Knowledge of Firewalls, IDS/IPS, intrusion detection, VLANS, routing and other network security technologies
  • Knowledge of virtualization technologies including virtual firewalls, networking and segmentation
  • Knowledge of networking and firewall configuration and monitoring
  • Knowledge of SIEM technologies such as Splunk and creation of security event related dashboards
  • Knowledge of Malware identification, containment, and eradication
  • Knowledge of access control systems, PKI, multi-factor authentication, and entitlements management
  • Proficient in Microsoft Windows and Linux operating systems
  • Excellent written and verbal communication skills
  • Excellent leadership skills and teamwork skills
  • Results oriented, high energy, self-motivated
  • Candidate may be required to respond to after-hours requests as required in a 24 x 7 environment
Join ClearedCollab

Apply for this Job

Upload your CV/resume or any other relevant file. Max. file size: 1 MB.