Seeking motivated candidated for a multi-tasking and fast paced environment.
Title of Position: Information System Security Engineer Level 2
Description of Position:
- Shall perform or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations and recommend mitigation strategies.
- Validate and verifies system security requirements definitions and analysis and establishes system security designs.
- Designs, develops, implements and/or integrates IA and security systems and system components including those for networking, computing and enclave environment to include those with multiple enclave and with differing data protection/classification requirements.
- Builds IA into system deployed to operational environments.
- Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions.
- Supports the building of security architectures.
- Enforce the design and implementation of trusted relations among external systems and architectures.
- Assesses and mitigates system security threats/risks throughout the program life cycle.
- Contributes to the security planning, assessment, risk analyst, risk management. certification and awareness activities for system and networking operations.
- Reviews certification and accreditation (C&A) documentation providing feedback on completeness and compliance of its content.
- Applies system security engineering expertise in one or more of the following to : system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management: intrusion detection; contingency planning; incident handling; configuration control· change management; auditing; certification and accreditation process· principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security testing. Support security authorization activities in compliance with NSA/CSS Information System Certification and Accreditation Process (NlSCAP) and DoD Information Assurance Certification and Accreditation Process (DlACAP) process, the NlST Risk Management Framework (RMF) process, and prescribed NSA/CSS business processes for security engineering.
Education and Experience Required:
- Participate as a security engineering representative on engineering teams for the design, development. implementation and/or integration of secure networking computing, and enclave environments.
- Participate as a security engineering representative on engineering team for the design, development implementation and/or integration of IA architectures, systems or system components.
- Participate as the primary security engineering representative on engineering teams for the design, development, implementation, evaluation and/or integration of secure networking, computing, enclave environments, IA architectures, systems, or system components.
- Support the Government in the enforcement of the design and implementation of trusted relation hip among external system and architectures.
- Apply knowledge of IA policy, procedures, and workforce structure to design. develop, and implement secure networking, computing, and enclave environment.
- Support security planning, assessment, risk analysis, and risk management.
- Identify overalI security requirements for the proper handling of Government data.
- Interact with the customer and other project team members.
- Perform system or network design that encompass multiple enclaves, to include those with differing data protection/classification requirements.
- Provide security planning, assessment, risk analyst and risk management.
- Recommend system-level solution to resolve security requirement.
- Support the Government in the enforcement of the design and implementation of trusted relationship among external systems and architectures.
- Fourteen (14) years experience as an ISSE on program and contracts of similar scope, type, and complexity is required.
- Bachelor’s degree in Computer Science Information Assurance, Information Security System Engineering or related discipline from an accredited college or university is required.
- Four (4) year of lSSE experience may be substituted for a bachelor’s degree.
- DoD 8570.01-M compliance with lASAE Level 2 is required.
- ClSSP Certification is required.