Security Engineer/ISSO

AnaVation is looking for a talented Security Engineer who is passionate about technology and working with customers and a strong team to provide solutions for our mission-critical customer in Washington, D.C.  The ideal candidate appreciates partnering with our customer and a group of engineers to create innovative engineering solutions.  If you are looking to be challenged, then this is the environment for you!
The candidate will be responsible for ensuring that the appropriate operational security posture is maintained for each assigned information system or product. He/she is responsible for the day-to-day implementation, oversight, and maintenance of the security configuration, practices, and procedures for each product under their purview in accordance with the client’s policies and guidelines.
The candidate will be a part of a team that supports applications towards obtaining and maintaining their Authority to Operate (ATO).
Additional Responsibilities:·        Create security planning/documentation (i.e. Incident Response Plan (IRP), Information System Contingency Plan (ISCP), Change Management Plan (CMP), Business Impact Analysis (BIA), Security Statements, ATO, etc.)·        Manage Security control assessments, monitoring and evaluation·        Create and manage application Plan of Action and Milestones (POA&M)·        Complete Security Awareness Training, report security incidents·        Active collaboration with technical leads, developers and clients to ensure the ISSO’s assigned systems are within FISMA compliance·        Review security artifacts to ensure compliance with NIST controls·        Review system security audit logs and take corrective action as needed·        Ensure all IS security related documentation is current and accessible to properly authorized individuals

Required Qualifications

• Current certification exemplifying skill sets such as those identified in DoD Manual 8570,01-M for IAM level III proficiency (i.e., International Information Systems Security Certification Consortium (ISC²) Certified Information Systems Security Professional (CISSP), the Global Information Assurance Certification (GIAC) [SANS] Information Security Professional (GISP), or the Computing Technology Industry Association (CompTIA) Advanced Security Practitioner (CASP)
• Experience validating work products against the National Institute of Standards and Technology (NIST) Security Controls
• Technical and professional writing expertise
• Experience with MS Office products
• Active Top Secret Security Clearance

Desired Qualifications

• Familiar with Linux and Windows Operating System, Linux is a plus
• Experience working in an Agile environment is a plus