Information Systems Security Engineer ( ISSE )

Salary depends on experience
Posted on 11/20/17
Colorado Springs, CO
5 - 7 years experience
IT Consulting/Services
Salary depends on experience
Posted on 11/20/17

Responsibilities

  • Perform day-to-day maintenance of systems, including auditing and patch management
  • Perform technical security assessments of complex systems
  • Identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies
  • Apply knowledge of IA policy, procedures, and workforce structure to implement secure networking, computing, and enclave environments
  • Write authorization and accreditation (A&A) documentation and ensure the systems are operated and maintained in accordance with these security plans
  • Enforce the design and implementation of trusted relationships among external systems and architectures
  • Support security planning, assessment, risk analysis, and risk management for client systems and programs
  • Interact with technical team members from multiple organizations in a diversified, team environment
  • Identify overall security requirements for the proper handling of client data
  • Perform system or network designs that encompass multiple enclaves to include those with differing data protection/classification requirements
  • Recommend system-level solutions to resolve security requirements
  • Ensure all users have the requisite security clearances, authorizations, need-to-know, and are aware of their securityresponsibilitiesbefore granting access to client systems
  • Conduct periodic reviews of information systems to ensure compliance with the security authorization package
  • Perform key functions (above) and othersecurity-related tasks as directed on multiple systems, at multiple sites, or for multiple clients

 

Qualifications

Required Education, Certifications and Experirence:

  • AS degree from an accredited university including classes in Computer Science, Information Assurance, Information Security Systems Engineering, or related fields
  • Five (5) years of experience working in a cybersecurity or related field
  • Must meet position and certification requirements outlined in the DoDD 8570.01-M for Information Assurance Technician (IAT) level 2 and Information Assurance Manager (IAM) level 1

Desired Education, Certifications and Experience:

  • BS degree from an accredited university in Computer Science, Information Assurance, Information Security Systems Engineering, or related field
  • Eight (8) years of experience working in a cybersecurity related field

Required Skills & Experience: 

  • CISSP
  • Certifications in one or more of the following: CompTIA Security+, GIAC Industrial Cyber Security Certification (GICSP), GIAC Security Essentials (GSEC), GIAC Cyber Security Leadership (GSLC), or ISC2 Systems Security Certified Practitioner (SSCP)
  • Experience with both Windows- and Linux-based operating systems
  • Expert knowledge of federal security requirements and mandates (e.g., RMF, Federal Information Processing Standards (FIPS), National Standards of Information Technology (NIST))
  • Experience working on DISA Security Technical Implementation Guide (STIG) implementation across multiple operating systems and applications
  • Must be a team player and be able to work within all levels of a project team
  • Excellent time management, scheduling, and organizational skills
  • Ability to work well independently as well as follow detailed instructions for completing tasks
  • Demonstrated ability to complete tasks, drive projects to closure, assimilate and correlate project information in a fast-paced environment
  • Demonstrated ability to shift from one project to another in a dynamic, agile work environment
  • Excellent oral and written communication skills and ability to clearly translate client technical needs into technical specifications
  • Ability to communicate technical approaches and details within small project teams, including team interactions and presentations
  • Familiarity with security procedures while working in a SCIF/SAPF environment

 

Desired Skills & Experience:

  • CISSP or equivalent level certification
  • Experience with various Security Content Automation Protocol (SCAP) tools such as Assured Compliance Assessment Solution (ACAS) (Nessus) and SCAP Compliance Checker (SCC)
  • Experience using the Splunk Security Incident and Event Management (SIEM) program
  • Apply system securityengineering expertise to various client programs/processes (e.g., system security design process, engineering life cycle, information domain and cross domain solutions, identification / authentication / authorization of commercial off-the-shelf and government off-the-shelf software employment, system integration, risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, auditing, certification and accreditation process, principles of IA (confidentiality, integrity, non-repudiation, availability, and access control), security testing)
  • Experience working on-site in a government client environment

2017-2556

Not the right job?
Join Ladders to find it.
With a free Ladders account, you can find the best jobs for you and be found by over 20,0000 recruiters.