Information System Security Engineer (ISSE)
Alexandria, Virginia, United States
Positions Available: 2 - FUOPS COAB Blue Team (Application Security Team-Cloud, Mobile, Web)
Remote Capability: TBD
Clearance Requirement: Top Secret/SCI, Active
Avint is seeking an experienced ISSE to support a Federal Agency contingent award starting June 2022. This position is responsible for analysis and development of the integration, testing, operations, and maintenance of systems security. The ISSE will be tasked with providing cybersecurity engineering services for the Federal Agency’s networks and systems. This would entail the development and design of technical processes and procedures to secure the environment and technical footprint. This position will also be responsible for understanding and supporting the design of the organizational, procedural, and technological security controls within the context of the global regulatory frameworks applicable. Avint is looking for someone with passion for implementing innovative security controls that mitigate risk to the company, empower and help demonstrate our dedication to security to our clients.
- Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk.
- Advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture and appropriate senior leadership or Authorizing Official of changes affecting the organization's cybersecurity posture.
- Collect and maintain data needed to meet system cybersecurity reporting.
- Ensure that security improvement actions are evaluated, validated, and implemented as required and that cybersecurity inspections, tests, and reviews are coordinated for the network environment.
- Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s).
- Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.
- Identify IT security program implications of new technologies or technology upgrades.
- Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise’s cybersecurity program.
- Participate in the development or modification of the computer environment cybersecurity program plans and requirements.
- Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
- Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
- Assure successful implementation and functionality of security requirements and appropriate IT policies and procedures that are consistent with the organization's mission and goals.
- Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
- Identify security requirements specific to an IT system in all phases of the system life cycle.
Technical Areas of Expertise
- NIST 800.53, 800.171, RMF Framework and Cybersecurity Framework
- Developing System Security Plans, Disaster Recovery Plans, and similar documentation required for RMF.
- Understanding of industry security and compliance statuses, standards, and policies.
- Knowledge of data backup and recovery, intrusion detection methodologies, controls related to the use, processing, storage, and transmission of data, and measures of indicators of system performance and availability.
- Knowledge of network traffic analysis methods and management principles, models, methods, and tools.
- Knowledge of new and emerging IT and cybersecurity technologies.
- Knowledge of system and application security threats and vulnerabilities, what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities, and ability to harden against them.
- Bachelor’s degree in a related field or technical discipline, or 7-10 years of equivalent work experience in similar roles within the DoD or Federal Government, such as serving as an ISSE at a cleared facility.
- Security +, or another relevant IAT Level II Certification; IAT Level III: CISA or CISSP required for 1 out of the 2 open positions.
- Must possess a strong working knowledge of Information Assurance concepts, to include Assessment and Authorization (A&A) activities, general IT system functions, documented security policies and best practices, standard technical security safeguards and other core competencies such as: vulnerability management, network management, risk management, threat analysis, operating systems, enterprise architecture, policy management, encryption, system hardening etc.
Joining Avint is a win-win proposition! You will feel the personal touch of a small business and receive BIG business benefits. From competitive salaries, full health, a unique 401K plan, and generous PTO and Federal Holidays.
Additionally, we encourage every Avint employee to further their professional development. To assist you in achieving your goals, we offer reimbursement for courses, exams, and tuition. Interested in a class, conference, program, or degree? Avint will invest in YOU and your professional development!
Avint is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity and Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.
Other jobs like this
401(k) matching Medical leave Parental leave Startup environment
Application Security EngineerApplication security Automation Azure Linux OWASP Penetration testing PowerShell Product security Python SDLC +4
401(k) matching Career development Flex vacation Health care Team events +1
Explore more Cyber Security career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.
- Open Cyber Security Engineer jobs
- Open Staff Application Security Engineer jobs
- Open Penetration Tester jobs
- Open Senior DevSecOps Engineer jobs
- Open Application Security Engineer/Architect jobs
- Open Senior Security Operations Engineer jobs
- Open Cyber Threat Intelligence Analyst jobs
- Open Staff Security Engineer jobs
- Open Head of Information Security jobs
- Open Lead Security Engineer jobs
- Open SOC Analyst jobs
- Open Cyber Security Analyst jobs
- Open Information System Security Officer (ISSO) jobs
- Open Cybersecurity Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Cloud Security Automation Specialist jobs
- Open Senior Threat Intelligence Analyst jobs
- Open Offensive Security Engineer jobs
- Open Information Security Officer jobs
- Open Cloud Security Operations Lead jobs
- Open Azure Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open DevOps-related jobs
- Open Application security-related jobs
- Open Analytics-related jobs
- Open Audits-related jobs
- Open PCI-related jobs
- Open OWASP-related jobs
- Open Threat intelligence-related jobs
- Open Clearance-related jobs
- Open Security assessments-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open Splunk-related jobs
- Open Ruby-related jobs
- Open CEH-related jobs
- Open Encryption-related jobs
- Open CISM-related jobs
- Open GDPR-related jobs
- Open Agile-related jobs
- Open Open Source-related jobs
- Open Threat detection-related jobs
- Open OSCP-related jobs
- Open Intrusion detection-related jobs
- Open Machine Learning-related jobs
- Open DevSecOps-related jobs