Information Systems Security Engineer (ISSE)
Information Systems Security Engineer (ISSE)Job Category:
EngineeringTime Type:
Full timeMinimum Clearance Required to Start:
TS/SCI with PolygraphEmployee Type:
RegularPercentage of Travel Required:
Up to 10%Type of Travel:
Continental USAnticipated Posting End:
6/24/2024What You ll Get to Do:
You will perform Information System Security Engineering support for various information systems throughout the system development lifecycle.
You will have the opportunity to perform system hardening, prepare comprehensive assessment testing procedures, system vulnerability scanning and mitigation, system maintenance and configuration, documentation, and support the engineering team by providing direct input on the information system design to obtain and/or maintain a successful Authorization to Operate.
More About this Role:
Execution of the Assessment & Authorization (A&A process in accordance with government requirements (e.
g.
ICD-503)Ensure that accreditation data is maintained within customer databases (e.
g.
SNOW)Conduct research in multiple areas, to include emerging technologies, vulnerability information, system hardening (e.
g.
STIGs), operating systems, application software and security toolsExecute system configuration, and maintenance in support of the Security Engineering disciplinePrepare comprehensive security assessment testing documentation to validate applied security controls in support of Assessment and Authorization (A&A) testingProvide technical guidance focused on information security architectureGenerate security accreditation artifacts to include, but not limited to, Security Plans, Certification Test Plans, and Continuous Monitoring PlansTrack and fulfill liens associated with A&A activities as documented in the Plan of Actions and MilestonesPerform vulnerability assessments using standardized tools (Nessus, DISA STIGs) and configuration updates as required to comply with security requirementsPerform guidance for hardening of operating systems, COTS product and OpenSource products as required to support compliance with security requirementsProvide technical engineering services for the support of integrated security systems and solutionsAssess and mitigate system security threats, risks, and vulnerabilities throughout the program life cycle.
Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system operationsParticipate as a member of a security engineering team that designs, develops, implements, evaluates and/or integrates security architectures, systems or system componentsSupport and interact with customers in the enforcement of the design of security throughout the system life cycle.
Apply knowledge of IA policies and procedures disseminated by the customers organization.
Track software delivery cycles for required updates and patching.
Provide weekly security status emailsDevelop quarterly security status briefing charts and brief them at Program Management ReviewsDuties and
Responsibilities:
Track outstanding security findings and determine solutionsDevelop tasks/milestones to workoff POA&Ms and track themCoordinate A&A activities between program and external entitiesGenerate program documentation to capture security statusYou ll Bring These
Qualifications:
An active TS/SCI clearance with polygraph is requiredMust have a current certification compliant with DoD 8570 IAM or IAT level 3 OR obtain certification within 6 months of hire and maintain certification throughout employment (e.
g.
CISSP)Bachelor s degree in Computer Science, Information Assurance, Information Security System Engineering, or equivalent and five (5) years of directly related experience.
Knowledge of ICD 503, CNSSI 1253, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37, and security controls assessment criteria/procedures.
Experience with implementing NIST 800-53 controls/ICD 503.
Knowledge of the NRO environment and the ability to navigate projects through the RMF process to achieve IATT & ATO.
Experience participating in Assessment and Authorization (A&A) process.
Experience preparing systems security documentation (e.
g.
, security plans, risk assessment reports, Plan of Actions and Milestones (POA&Ms), etc.
).
Experience with Continuous Monitoring, mitigating scan findings, maintaining Interconnections documentation.
Vulnerability assessment scanning experience (Security Center/NESSUS)Experience working with engineers and system administrators to correct scan findings / system vulnerabilities.
Experience with creation/use of Security Center Dashboards and reports.
Excellent communication and interpersonal skills required.
Must be able to efficiently manage time management and workloadAbility to support a flexible schedule and work in a dynamic, real-time environment with rapidly changing priorities required.
Desired Certifications:
Proficient in the use of Microsoft Application tools (i.
e.
, Excel and Powerpoint).
Experience with developing test plans for information systems.
Demonstrated experience with Linux (Red Hat, CentOS)Experience with DevOpsFamiliarity with code quality and code analyzing security toolsExperience with Amazon Web Services (AWS):
Should have current or ability to obtain an Amazon Cloud certification, such as AWS Certified Solutions Architect Associate or AWS Certified Security SpecialtyAudit log review:
ability to query and perform analysis in Splunk.
Experience within the Intelligence CommunityWhat We Can Offer You:
- We ve been named a Best Place to Work by the Washington Post.
- Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
- We offer competitive benefits and learning and development opportunities.
- We are mission-oriented and ever vigilant in aligning our solutions with the nation s highest priorities.
- For over 60 years, the principles of CACI s unique, character-based culture have been the driving force behind our success.
Company Overview:
CACI is an Equal Opportunity/Affirmative Action Employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.
Pay Range:
There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive compensation, benefits and learning and development opportunities.
Our broad and competitive mix of benefits options is designed to support and protect employees and their families.
At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.
Learn more hereThe proposed salary range for this position is:
$98,500 - 206,800 USDJob SummaryJob number:
295842Date posted :
2024-04-30Profession:
EngineeringEmployment type:
Full time.
Estimated Salary: $20 to $28 per hour based on qualifications.
EngineeringTime Type:
Full timeMinimum Clearance Required to Start:
TS/SCI with PolygraphEmployee Type:
RegularPercentage of Travel Required:
Up to 10%Type of Travel:
Continental USAnticipated Posting End:
6/24/2024What You ll Get to Do:
You will perform Information System Security Engineering support for various information systems throughout the system development lifecycle.
You will have the opportunity to perform system hardening, prepare comprehensive assessment testing procedures, system vulnerability scanning and mitigation, system maintenance and configuration, documentation, and support the engineering team by providing direct input on the information system design to obtain and/or maintain a successful Authorization to Operate.
More About this Role:
Execution of the Assessment & Authorization (A&A process in accordance with government requirements (e.
g.
ICD-503)Ensure that accreditation data is maintained within customer databases (e.
g.
SNOW)Conduct research in multiple areas, to include emerging technologies, vulnerability information, system hardening (e.
g.
STIGs), operating systems, application software and security toolsExecute system configuration, and maintenance in support of the Security Engineering disciplinePrepare comprehensive security assessment testing documentation to validate applied security controls in support of Assessment and Authorization (A&A) testingProvide technical guidance focused on information security architectureGenerate security accreditation artifacts to include, but not limited to, Security Plans, Certification Test Plans, and Continuous Monitoring PlansTrack and fulfill liens associated with A&A activities as documented in the Plan of Actions and MilestonesPerform vulnerability assessments using standardized tools (Nessus, DISA STIGs) and configuration updates as required to comply with security requirementsPerform guidance for hardening of operating systems, COTS product and OpenSource products as required to support compliance with security requirementsProvide technical engineering services for the support of integrated security systems and solutionsAssess and mitigate system security threats, risks, and vulnerabilities throughout the program life cycle.
Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system operationsParticipate as a member of a security engineering team that designs, develops, implements, evaluates and/or integrates security architectures, systems or system componentsSupport and interact with customers in the enforcement of the design of security throughout the system life cycle.
Apply knowledge of IA policies and procedures disseminated by the customers organization.
Track software delivery cycles for required updates and patching.
Provide weekly security status emailsDevelop quarterly security status briefing charts and brief them at Program Management ReviewsDuties and
Responsibilities:
Track outstanding security findings and determine solutionsDevelop tasks/milestones to workoff POA&Ms and track themCoordinate A&A activities between program and external entitiesGenerate program documentation to capture security statusYou ll Bring These
Qualifications:
An active TS/SCI clearance with polygraph is requiredMust have a current certification compliant with DoD 8570 IAM or IAT level 3 OR obtain certification within 6 months of hire and maintain certification throughout employment (e.
g.
CISSP)Bachelor s degree in Computer Science, Information Assurance, Information Security System Engineering, or equivalent and five (5) years of directly related experience.
Knowledge of ICD 503, CNSSI 1253, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37, and security controls assessment criteria/procedures.
Experience with implementing NIST 800-53 controls/ICD 503.
Knowledge of the NRO environment and the ability to navigate projects through the RMF process to achieve IATT & ATO.
Experience participating in Assessment and Authorization (A&A) process.
Experience preparing systems security documentation (e.
g.
, security plans, risk assessment reports, Plan of Actions and Milestones (POA&Ms), etc.
).
Experience with Continuous Monitoring, mitigating scan findings, maintaining Interconnections documentation.
Vulnerability assessment scanning experience (Security Center/NESSUS)Experience working with engineers and system administrators to correct scan findings / system vulnerabilities.
Experience with creation/use of Security Center Dashboards and reports.
Excellent communication and interpersonal skills required.
Must be able to efficiently manage time management and workloadAbility to support a flexible schedule and work in a dynamic, real-time environment with rapidly changing priorities required.
Desired Certifications:
Proficient in the use of Microsoft Application tools (i.
e.
, Excel and Powerpoint).
Experience with developing test plans for information systems.
Demonstrated experience with Linux (Red Hat, CentOS)Experience with DevOpsFamiliarity with code quality and code analyzing security toolsExperience with Amazon Web Services (AWS):
Should have current or ability to obtain an Amazon Cloud certification, such as AWS Certified Solutions Architect Associate or AWS Certified Security SpecialtyAudit log review:
ability to query and perform analysis in Splunk.
Experience within the Intelligence CommunityWhat We Can Offer You:
- We ve been named a Best Place to Work by the Washington Post.
- Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
- We offer competitive benefits and learning and development opportunities.
- We are mission-oriented and ever vigilant in aligning our solutions with the nation s highest priorities.
- For over 60 years, the principles of CACI s unique, character-based culture have been the driving force behind our success.
Company Overview:
CACI is an Equal Opportunity/Affirmative Action Employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.
Pay Range:
There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive compensation, benefits and learning and development opportunities.
Our broad and competitive mix of benefits options is designed to support and protect employees and their families.
At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.
Learn more hereThe proposed salary range for this position is:
$98,500 - 206,800 USDJob SummaryJob number:
295842Date posted :
2024-04-30Profession:
EngineeringEmployment type:
Full time.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
