A80ISSE2 - Mid-Level Information System Security Engineer - Cleared

• Support by complying with the Systems Security Certification & Accreditation (C&S) processes, to include discovery meetings, achieving Interim Approval to Test (IATT) and in obtaining final Approval to Operate (ATO) status for Systems Security Plans (SSP) associated with all systems.

• Work with all appropriate elements to gain successful accreditation.

• Provide expertise with C&A policy, processes & tools.

• Conduct Preliminary Engineering Planning and Categorization Meetings with the customers

• Develop and maintain documentation required for C&A.

• Update and maintain SSP documentation.

• Fill roles of Information Systems Security Officer (ISSO).

• Manage all security relevant changes to the systems, assuring SSP documentation is up-to-date and ATO status is maintained.

• Provide Security Engineering

• Provide Self-testing

• Provide guidance for a Plan of Action and Milestones (POA&M) and Continuous Monitoring Plan

• Foster improved security of all systems using Enterprise solutions.

Requirements

TS/SCI with poly required

• Shall have eight (8) years experience integrating information assurance disciplines into the system design, development, integration, and implementation.

• Shall have two (2) years experience identifying Information Protection needs and define System Security Requirements; designing System Security Architecture; developing detailed Security Designs (including system security certifications and project evaluations).

• Shall have two (2) years experience with in Depth principles and technology including access/control, authorization, identification and authentication, public key infrastructure, network, and enterprise security architecture.

• Shall have four (4) years experience developing security plans for employing enterprise-wide security architecture.

• Shall have four (4) years experience assessing and auditing network penetration testing antivirus planning assistance, risk analysis and incident response.

• Shall have four (4) years experience applying security risk assessment methodology to system development, including threat model development, vulnerability assessments, and resulting security risk analysis.

• Shall have four (4) years experience with the Certification and Accreditation process

• Shall have three (3) years experience enforcing the design and implementation of trusted relationships among external systems and architectures.

• Shall have two (2) years experience in the implementation of cross domain solutions e.g. an information assurance solution that provides the ability to manually and/or automatically access and/or transfer between two or more differing security domains.

• Shall have two (2) years experience developing systems that process information with different categories that simultaneously permits access by users with different permissions and denies access to users who lack authorization.

• Shall have two (2) years experience in network security certifications.

• Shall have two (2) years experience in system certifications.

• Shall have five (5) years experience applying Information Security regulations, publications, and policy.

• Shall have at least one Information Security related certification (Security+, CISSP, CISM).

• Shall have a Bachelor’s degree in a related field (e.g. Business Management, Computer Science, Electrical Engineering, Information Management, Program Management etc), or two (2) years of additional relevant experience above all experience requirements listed, in lieu of a Bachelor’s degree.

Benefits

• Health & Life Insurance
• Dental Insurance
• Disability Insurance
• 401K Retirement Plan with Matching
• Tuition Assistance
• Vacation and Sick Leave
• Hiring Bonuses
• Referral Recruitment Program