Information System Security Engineer (ISSE)
Alexandria, Virginia, United States
Positions Available: 2 - FUOPS COAB Blue Team (Application Security Team-Cloud, Mobile, Web)
Clearance Requirement: Top Secret/SCI, Active
Avint is seeking an experienced ISSE to support a Federal Agency contingent award starting mid to late Summer 2022. This position is responsible for analysis and development of the integration, testing, operations, and maintenance of systems security. The ISSE will be tasked with providing cybersecurity engineering services for the Federal Agency’s networks and systems. This would entail the development and design of technical processes and procedures to secure the environment and technical footprint. This position will also be responsible for understanding and supporting the design of the organizational, procedural, and technological security controls within the context of the global regulatory frameworks applicable. Avint is looking for someone with passion for implementing innovative security controls that mitigate risk to the company, empower and help demonstrate our dedication to security to our clients.
Requirements
- Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk.
- Advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture and appropriate senior leadership or Authorizing Official of changes affecting the organization's cybersecurity posture.
- Collect and maintain data needed to meet system cybersecurity reporting.
- Ensure that security improvement actions are evaluated, validated, and implemented as required and that cybersecurity inspections, tests, and reviews are coordinated for the network environment.
- Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s).
- Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.
- Identify IT security program implications of new technologies or technology upgrades.
- Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise’s cybersecurity program.
- Participate in the development or modification of the computer environment cybersecurity program plans and requirements.
- Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
- Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
- Assure successful implementation and functionality of security requirements and appropriate IT policies and procedures that are consistent with the organization's mission and goals.
- Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
- Identify security requirements specific to an IT system in all phases of the system life cycle.
Technical Areas of Expertise
- NIST 800.53, 800.171, RMF Framework and Cybersecurity Framework
- Developing System Security Plans, Disaster Recovery Plans, and similar documentation required for RMF.
- Understanding of industry security and compliance statuses, standards, and policies.
- Knowledge of data backup and recovery, intrusion detection methodologies, controls related to the use, processing, storage, and transmission of data, and measures of indicators of system performance and availability.
- Knowledge of network traffic analysis methods and management principles, models, methods, and tools.
- Knowledge of new and emerging IT and cybersecurity technologies.
- Knowledge of system and application security threats and vulnerabilities, what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities, and ability to harden against them.
Qualifications
- Bachelor’s degree in a related field or technical discipline, or 7-10 years of equivalent work experience in similar roles within the DoD or Federal Government, such as serving as an ISSE at a cleared facility.
- Security +, or another relevant IAT Level II Certification; IAT Level III: CISA or CISSP required for 1 out of the 2 open positions or be willing to obtain within 6 months of employment.
- Must possess a strong working knowledge of Information Assurance concepts, to include Assessment and Authorization (A&A) activities, general IT system functions, documented security policies and best practices, standard technical security safeguards and other core competencies such as: vulnerability management, network management, risk management, threat analysis, operating systems, enterprise architecture, policy management, encryption, system hardening etc.
Benefits
Joining Avint is a win-win proposition! You will feel the personal touch of a small business and receive BIG business benefits. From competitive salaries, full health, a unique 401K plan, and generous PTO and Federal Holidays.
Additionally, we encourage every Avint employee to further their professional development. To assist you in achieving your goals, we offer reimbursement for courses, exams, and tuition. Interested in a class, conference, program, or degree? Avint will invest in YOU and your professional development!
Avint is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity and Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.
Tags: Application security Audits Blue team CISA CISSP Clearance Cloud Compliance DoD Encryption Intrusion detection ISSE NIST Risk management System Security Plan Top Secret TS/SCI Vulnerabilities Vulnerability management
Perks/benefits: 401(k) matching Career development Health care
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open DevSecOps-related jobs