Information Systems Security Engineer - Beavercreek, United States - Modern Technology Solutions Inc

Description

Own Your Future.

Modern Technology Solutions, Inc. (MTSI) is seeking an Information System Security Engineer (ISSE) with a TS/SCI Clearance in Dayton, Ohio.

Why is MTSI known as a Great Place to Work?

• Interesting Work: Our co-workers support some of the most important and critical programs to our national defense and security.
• Values: Our first core value is that employees come first. We challenge our co-workers to provide the highest level of support and service, and reward them with some of the best benefits in the industry.
• 100% Employee Ownership: we have a stake in each other's success, and the success of our customers. It's also nice to know what's going on across the company; we have company wide town-hall meetings three times a year.
• Great Benefits - Most Full-Time Staff Are Eligible for:
• Starting PTO accrual of 20 days PTO/year + 10 holidays/year
• Flexible schedules
• 6% 401k match with immediate vesting
• Semi-annual bonus eligibility (July and December)
• Company funded Employee Stock Ownership Plan (ESOP) - a separate qualified retirement account
• Up to $10,000 in annual tuition reimbursement
• Other company funded benefits, like life and disability insurance
• Optional zero deductible Blue Cross/Blue Shield health insurance plan
• Track Record of Success: We have grown every year since our founding in 1993

Modern Technology Solutions, Inc. (MTSI) is a 100% employee-owned engineering services and solutions company that provides high-demand technical expertise in Digital Transformation, Modeling and Simulation, Rapid Capability Development, Test and Evaluation, Artificial Intelligence, Autonomy, Cybersecurity and Mission Assurance.

MTSI delivers capabilities to solve problems of global importance. Founded in 1993, MTSI today has employees at over 20 offices and field sites worldwide.

For more information about MTSI, please visit .

Responsibilities:

• Serve as technical expert to the Cybersecurity Assessment Program providing technical direction, interpretation and alternatives to complex problems.

• Develop implementation and validation procedures to ensure effective security designs are implemented

• Identify cloud security design solutions for BizAdmin, Development and Test networks

• Develop, implement, and enforce information systems security policies ensuring system security requirements are addressed during all phases of the acquisition and Information System lifecycle.

• Conduct certification and testing in accordance with the Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) policy; identify deficiencies and provide recommendations of risk mitigation to customer.

• Conduct information system security engineering activities, confirm that information security requirements are effectively implemented throughout the security architecting, design, development, configuration, and implementation processes

• Employ best practices when implementing security controls, including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques

• Integrate/Develop new techniques to improve Confidentiality, Integrity, and Availability for networks/systems operating at various classification levels

• Assist program managers, system engineers, cyber test experts in conducting Mission Based Cyber Risk Assessments

• Prepare Risk Management Framework Assessment and Authorization package documentation to include System Security Plans, Architecture Analysis Reports, Risk Assessment Reports, Security Control Traceability Matrix and Continuous Monitoring Plans

• Identify points of vulnerability, non-compliance with established cybersecurity standards and regulations, and recommend mitigation strategies

• Apply knowledge of cybersecurity policy, procedures, and workforce structure to implement secure networking, computing, and enclave environments

• Perform system or network designs that encompass multiple enclaves to include those with differing data protection/classification requirements

• Provide expert support, research and analysis of exceptionally complex problems, and processes relating to them

• Work closely with customer to provide expert level consultation and technical services on all aspects of Information System Security.

• Respond to technical issues in a professional and timely manner.

Qualifications:

Required Education, Certifications and Experience:

• AS degree from an accredited university including classes in Computer Science, Information Assurance, Information Security Systems Engineering, or related fields

• Four (4) years of experience working in a cybersecurity or related field

• Must meet position and certification requirements outlined in the DoDD M for Information Assurance Security Engineer (IASE) level 2

Desired Education, Certifications and Experience:

• BS degree from an accredited university in Computer Science/Engineering or other related engineering discipline

• Eight (8) years of experience working in a cybersecurity related field

• Possess the Cloud Certified Security Provider certification

Required Skills & Experience:

• Prior performance in roles such as ISSO, ISSM or SCA

• Experience conducting security control assessments and/or implementation using NIST SP 800-53, NIST , ICD 503 and JSIG

• Must have the ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel and industry partners

• Demonstrated experience in Systems Engineering writing systems level requirements, architectures, and designs

• Knowledge and experience working in the Systems Engineering 'V' Lifecycle framework

• Familiar with the Digital Engineering Environment including using Model Based Systems Engineering and Model Based Cyber Risk Assessment tools

• Experience in designing and implementing cybersecurity requirements in Cloud Solutions

• Strong analytical and problem-solving skills

• Ability to take the initiative to complete tasks with minimal supervision

• Experience in Secure Software Development Lifecycle

• Experience working on DISA Security Technical Implementation Guide (STIG) implementation across multiple operating systems and applications

• Must be a team player and be able to work within all levels of a project team

• Excellent time management, scheduling, and organizational skills

• Ability to work well independently as well as follow detailed instructions for completing tasks

• Demonstrated ability to complete tasks, drive projects to closure, assimilate and correlate project information in a fast-paced environment

• Demonstrated ability to shift from one project to another in a dynamic, agile work environment

• Excellent oral and written communication skills and ability to clearly translate client technical needs into technical specifications

• Ability to communicate technical approaches and details within small project teams, including team interactions and presentations

• Familiarity with security procedures while working in a SCIF/SAPF environment

Desired Skills & Experience:

• Experience with various Security Content Automation Protocol (SCAP) tools such as Assured Compliance Assessment Solution (ACAS) (Nessus) and SCAP Compliance Checker (SCC)

• Experience using Security Incident and Event Management (SIEM) programs

• Experience with performing Mission Based Cyber Risk Assessments including the MRAP-C, Cyber Table Top or Blue Book

• Apply system security engineering expertise to various client programs/processes (e.g., system security design process, engineering life cycle, information domain and cross domain solutions, identification / authentication / authorization of commercial off-the-shelf and government off-the-shelf software employment, system integration, risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, auditing, certification and accreditation process, principles of IA (confidentiality, integrity, non-repudiation, availability, and access control), security testing)

• Experience working on-site in a government client environment

Security Clearance Requirements:

Candidate must possess an active Top Secret clearance with SCI eligibility

ADDITIONAL NOTES

• Travel: Position requires up to 20% travel to CONUS areas, but could vary

#LI-MS1

#MTSI