Technical Information System Security Engineer - Houston, United States - Smart Synergies

    Description
    As the Technical Information System Security Engineer (ISSE) for the Risk Management Framework (RMF) Assessment and Authorization (A&A) process for CNIC Joint Base Pearl Harbor–Hickam (JBPHH), you will be tasked with developing RMF security authorization packages to obtain Authorizations to Operate (ATOs) for an isolated enclave, NRH 3SPN, that provides network infrastructure and basic network services to two adjacent NRH–owned isolated systems, NRH NACS and NRH VPMS, which are outside the accreditation boundary of the system.

    As the Technical Information System Security Engineer (ISSE), you will be responsible for the activities listed below:

    1. Support CNRH ISSM / CIO with RMF package development as technical ISSE
    2. Assemble all required documentation as outlined by the ISSM and CNIC for the RMF packages
    3. Assist with updating policy and documentation along with maintaining compliance with National Institute of Standards (NIST) SP 800–53 rev 4 throughout the RMF lifecycle
    4. Develop a Security Assessment Plan (SAP) in accordance with the Navy RMF Process Guide ver. 3.1 and using the templates provided in the RMF Knowledge Service (RMF KS) and NAVFAC RMF portal
    5. Assess and implement security controls, Security Technical Implementation Guides (STIGs), and Assured Compliance Assessment Solution (ACAS) scans in accordance with governing policies
    6. Process, maintain compliance, and verify completion of Nessus, STIG, and SCAP files, report any open findings or vulnerabilities to the program and propose and implement mitigations as required
    7. Maintain compliance in Vulnerability Remediation Asset Manager (VRAM) and DoD Information Technology Portfolio Repository–Navy (DITPR–DON)/ DON Application and Database Management System (DADMS)
    8. Understand NIST, Committee for National Security Systems (CNSS), DoD/DON Communications Task Orders (CTOs, TASKORDS), and Information Assurance Vulnerability Management (IAVMs)
    9. Create system authorization boundary diagrams and data flow diagrams encompassing traceability back to Hardware, Firmware, Software, Ports, Protocols and Services (PPS) lists, and ACAS while complying with DISA standards
    10. Review system PPS list and ensure compliance IAW Department of Defense Instruction (DoDI) 8551
    11. Interact frequently with internal personnel and outside representatives at various levels.
    12. Familiarity with DON Vulnerability Remediation Asset Manager (VRAM)
    13. Familiarity in the following disciplines: Microsoft operating systems, Microsoft SQL, Red Hat Linux, Cisco and Aruba wireless


    Requirements, Experience, Education:

    • Must possess an active Secret Security Clearance
    • Must meet 8570 Workforce IAT Level II, IAM Level III preferred
    • Must have a BS in Information Technology, Cyber Security, Computer Science, or related discipline.
    • Must have 15 years in Information Technology
    • Must have 3–5 years experience in a Cyber Security environment to include RMF and eMASS experience
    • Navy RMF experience preferred but not required.