Information System Security Engineer (ISSE)

Alexandria, Virginia, United States

Full Time Mid-level / Intermediate

Positions Available: 2 - FUOPS COAB Blue Team (Application Security Team-Cloud, Mobile, Web)

Remote Capability: TBD

Clearance Requirement: Top Secret/SCI, Active

Avint is seeking an experienced ISSE to support a Federal Agency contingent award starting June 2022. This position is responsible for analysis and development of the integration, testing, operations, and maintenance of systems security. The ISSE will be tasked with providing cybersecurity engineering services for the Federal Agency’s networks and systems. This would entail the development and design of technical processes and procedures to secure the environment and technical footprint. This position will also be responsible for understanding and supporting the design of the organizational, procedural, and technological security controls within the context of the global regulatory frameworks applicable. Avint is looking for someone with passion for implementing innovative security controls that mitigate risk to the company, empower and help demonstrate our dedication to security to our clients.

Requirements

  • Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk.
  • Advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture and appropriate senior leadership or Authorizing Official of changes affecting the organization's cybersecurity posture.
  • Collect and maintain data needed to meet system cybersecurity reporting.
  • Ensure that security improvement actions are evaluated, validated, and implemented as required and that cybersecurity inspections, tests, and reviews are coordinated for the network environment.
  • Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s).
  • Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.
  • Identify IT security program implications of new technologies or technology upgrades.
  • Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise’s cybersecurity program.
  • Participate in the development or modification of the computer environment cybersecurity program plans and requirements.
  • Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
  • Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
  • Assure successful implementation and functionality of security requirements and appropriate IT policies and procedures that are consistent with the organization's mission and goals.
  • Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
  • Identify security requirements specific to an IT system in all phases of the system life cycle.


Technical Areas of Expertise

  • NIST 800.53, 800.171, RMF Framework and Cybersecurity Framework
  • Developing System Security Plans, Disaster Recovery Plans, and similar documentation required for RMF.
  • Understanding of industry security and compliance statuses, standards, and policies.
  • Knowledge of data backup and recovery, intrusion detection methodologies, controls related to the use, processing, storage, and transmission of data, and measures of indicators of system performance and availability.
  • Knowledge of network traffic analysis methods and management principles, models, methods, and tools.
  • Knowledge of new and emerging IT and cybersecurity technologies.
  • Knowledge of system and application security threats and vulnerabilities, what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities, and ability to harden against them.

Qualifications

  • Bachelor’s degree in a related field or technical discipline, or 7-10 years of equivalent work experience in similar roles within the DoD or Federal Government, such as serving as an ISSE at a cleared facility.
  • Security +, or another relevant IAT Level II Certification; IAT Level III: CISA or CISSP required for 1 out of the 2 open positions.
  • Must possess a strong working knowledge of Information Assurance concepts, to include Assessment and Authorization (A&A) activities, general IT system functions, documented security policies and best practices, standard technical security safeguards and other core competencies such as: vulnerability management, network management, risk management, threat analysis, operating systems, enterprise architecture, policy management, encryption, system hardening etc.

Benefits

Joining Avint is a win-win proposition! You will feel the personal touch of a small business and receive BIG business benefits. From competitive salaries, full health, a unique 401K plan, and generous PTO and Federal Holidays.

Additionally, we encourage every Avint employee to further their professional development. To assist you in achieving your goals, we offer reimbursement for courses, exams, and tuition. Interested in a class, conference, program, or degree? Avint will invest in YOU and your professional development!

Avint is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity and Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.

Job region: North America
Job country: United States
Job stats:  2  0  0
  • Share this job via
  • or

Other jobs like this

Explore more Cyber Security career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.