SAIC has a new opportunity for Information System Security Engineer (ISSE) to work on an exciting, fast-paced program supporting Center of Medicare and Medicaid Services (CMS). This position will work hand-in-hand with the customer team and external teammates across all program security functions.
- Conduct technical evaluation of information system design, focusing on information security aspects and accreditation
- Utilize various information system inspection tools to audit systems, analyze potential vulnerabilities and identify mitigation approaches
- Perform vulnerability/risk assessment analysis to support accreditation and other program protection activities
- Prepare and review program documentation to include Risk Assessment Reports, Accreditation Packages, and security policy guides
- Coordinate with external organizations and guide accreditation packages through the customer process
- Review requests for software installation and conduct technical risk assessment on implementation of the software
- Work closely with system administrators to validate patching, AV definitions and other security tools are updated/not vulnerable
- Coordinate and track security action requests and status
- Assist contractors with facility designs to incorporate appropriate security features, conduct pre- accreditation inspections, and provide assistance in preparation of accreditation documents
- Conduct periodic assessments of contractor facilities to ensure compliance with security requirements tailoring requirements as needed
- Assist customer staff with resolving any operational security issues involving supporting contractors
- Maintain operational security posture for the program
- Conduct weekly auditing requirements and analyze results
TYPICAL EDUCATION AND EXPERIENCE:
- Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience ; PhD or JD and four (4) years or more experience.
- The ISSE provides technical expertise on computer network design, implementation, and accreditation.
- The ISSE also provides oversight and coordination for multiple contractors supporting program objectives.
- Must be available/able to travel up to 25%
REQUIRED EDUCATION AND EXPERIENCE:
- Bachelor’s and 9+ years exp or Master’s Degree with 7+ years exp
- Candidate must be a great communicator (written and verbal) and be able to work with a group or independently
- Excellent interpersonal skills
- Expertise in certification and accreditation
- Expertise in NIST 800-53 policies and implementations
- Experience interacting with program ISSO staff
- Experience with program security and information systems security best practices
- Familiarity with security accreditation process
- Familiarity with applicable procedures and operating instructions related to program security, information assurance and information management
- Experience managing privileged user requirements
- Ideal candidate will be self- motivated, organized, and detail oriented
- Familiar with automated security compliance tools (Fortify, Nessus, etc)