ISSE with Security Clearance - Chantilly, United States - Gridiron IT Solutions

    Gridiron IT Solutions
    Gridiron IT Solutions Chantilly, United States

    2 weeks ago

    Default job background
    Description

    Position Title:

    Information Systems Security Engineer (ISSE) Responsibilities include serving as information security specialist, reviewing all software, hardware, and infrastructure changes on the systems, following the RMF Risk Management Framework process to support system accreditation, continuous monitoring, security mitigation; maintain security documentation, and other tasks as necessary.


    • Information System Owners (ISOs) guidance, requirements understanding, and options to support technical security engineering.
    • Proposes categorization of information systems based on types of information processed, in conjunction with DAO Representatives and ISOs.
    • Capability based security analysis of system security architectures, identifies vulnerabilities, and provides suggested mitigation alternatives.
    • Applying best practices and processes to capture, refine, and assist in the prioritization of requirements based on risk, engineering principles, and mission requirements.
    • Evaluates scan results and works with system developers and system administrators to eliminate or mitigate findings.
    • Participates in design, development, and implementation of information systems to ensure these systems are in compliance with required security features and safeguards.
    • Security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations.
    • Generates certification and accreditation (C&A) documentation and artifacts (ie. System Security Plans, Network Interface Planning Documents, etc.) for import / upload to the SNOW tool.
    • Coordinates with appropriate Security Control Assessors (SCAs) early in engineering design phase for ongoing coordination, understating in development and application of security controls

    Required skills:
    An active TS/SCI clearance with Polygraph
    Bachelor's degree in systems engineering, electrical engineering, information technology, or related field
    5+ years of relevant experience (or 7+ years without related degree)
    Understanding of engineering in development and operational environment
    Experience with security control testing and demonstration.
    Understanding of IA principle and organizational requirements
    Experience with DOD/IC System Security control requirements
    Understanding of information security systems engineering principles and IT security technologies (e.g. firewalls, encryption, proxies)
    Understanding of cloud based technologies and development environments along with security control implementation in those environments.
    Experience working with system administrators, developers, and systems engineers to continually monitor and ensure system compliance.
    Strong Communication skills
    Familiarity with developing and maintaining system security documentation
    Enthusiastic & energetic performer able to work in a dynamic, fast-paced, & high visibility environment
    Self-motivated and capable of performing tasks with minimal oversight
    Team player incorporating a team based success philosophy
    Current Security+, CISSP, or equivalent DOD 8570 IAT 2/3 certification