Federal - Information Systems Security Engineer
We are seeking a highly motivated, Mid to Senior level Information System Security Engineer (ISSE) looking for hands-on experience and an opportunity for career growth. This role is in support of multiple, force protection systems involving Microsoft, Linux, and Virtualized (VMware) services. Working as part of a team, the ideal candidate will facilitate compliance with NIST’s Risk Management Framework, SP 800-53 security controls, and Security Technical Implementation Guides (STIGS).
- Identify, Select, and Implement applicable security controls for various operating systems and applications IAW NIST SP 800-37, Risk Management Framework.
- Develop and maintain bodies of evidence (BOE) for managed information systems, custom application, services, and networks.
- Develop and disseminate system security policies, processes, and likewise governing products in service of maintaining a low operational risk picture.
- Conduct internal vulnerability assessments and facilitate external Audits.
- Coordinate security-related tasks and activities across other functional areas E.g. Program Management, Engineering, Software Development, etc.
- Produce documentation in response to, and satisfaction of information security requirements.
- Develop full ATO Packages and ATO supporting documentation. Examples are: SSPs, RARs, POA&Ms, SCTMs, RTMs, SLCMs, SARs, Certification Test Reports, Briefings, and Training products. Assist in a secure change management process and related Change Control Boards (CCB).
- Represent the IA function in CCBs and the change management process, including speaking on behalf of the IA Teams to address approval or denial of Change Requests
- Conduct Security Impact Analyses (SIA) on System Change Requests
- Maintain a professional appearance, demeanor, and relationship with colleagues and clients.
- Must be able to manage multiple priorities and complex tasks in a dynamic work environment.
- Must have the ability to translate technical concepts to semi-technical clients.