Information Systems Security Engineer (ISSE)
Woburn, Massachusetts, United States
STR has an exciting opportunity for an ISSE to function as a key contributor for the Cybersecurity Compliance team. In this dynamic position you will interface and collaborate with other Cybersecurity/Information Assurance (IA) professionals (other ISSE’s, ISSM’s, ISSO’s, Cyber Analysts) and System Administrators, on NIST compliance and configuration change management.
- Review/manage various IA Vulnerability Alerts (IAVA) (i.e., US-CERT, etc.) and overall remediation.
- Conduct both vulnerability and compliance scans of enterprise information systems.
- Support the development of RMF/CMMC documentation and control validation testing for Authority to Operate (ATO) accreditations.
- Support the development of cybersecurity requirements, design, and architecture.
- Implement Information Assurance and Information Security protections and requirements in program development and execution environments.
- Implement required security controls of networking devices, databases, operating systems, and hardware and software components.
- Collaborate with program and engineering disciplines and ensuring cybersecurity solution alternatives.
- Assist Cybersecurity Manager and ISSM’s in monitoring and resolving Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities.
- Conduct reviews and technical inspections to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional.
- 5+ years of progressive technical (hands-on) experience related to Information Assurance/Cyber Engineering requirements, development, and implementation.
- Experience with SP800-171, NIST SP 800-171A and NIST SP800-53 control implementation and assessment.
- Familiarity with Cybersecurity Maturity Model Certification (CMMC).
- Experience with managing and implementing DISA (STIGs) and CIS Benchmarks.
- Experience with various IA vulnerability/compliance scanning tools (e.g., NMap, ACAS, Nessus, Security Content Automation Protocol (SCAP).
- Strong technical background with a variety of information security systems and tools including firewalls, intrusion detection systems, intrusion prevention systems, vulnerability management, cloud access security broker, anti-virus/malware, data loss prevention, and Security Incident and Event Management (SIEM) centralized auditing tools (i.e., Splunk).
- Ability to organize and prioritize numerous customer requests in a fast paced, deadline driven environment.
- Familiarity with PowerShell scripting and Ansible Play book development.
- Familiarity with the National Industrial Security Operating Manual (NISPOM), DCSA Authorization and Assessment Process Manual (DAAPM), and the Joint Special Access Implementation Guide (JSIG).
- Experience with configuration/certification and auditing/analysis of Windows/Linux operating systems and system virtualization in Peer-to-peer, LAN & WAN networks.
- DoD 8570 IAM Level III certification (CISA, CISM, CISSP, etc.) or the ability to obtain within 6 months upon being hired.
- Currently holds an active DoD Top Secret clearance.
Systems & Technology Research (STR) is a rapidly growing technology company with locations north of Boston, MA, Arlington, VA and near Dayton, OH. We specialize in advanced research and development for defense, intelligence, and national security, trying to understand how to protect our society: from stopping malicious botnet attacks, to understanding cyber vulnerabilities, providing next generation sensors, radar, sonar, communications, and electronic warfare to developing artificial intelligence algorithms and analytics to make sense of the complexity that is exploding around us.
STR is committed to creating a collaborative learning environment that supports deep technical understanding and recognizes the contributions and achievements of all team members. Our work is challenging, but you go home at night knowing that you pushed the forefront of technology and made the world a little safer. We recognize that the world is changing, that it is becoming more connected than ever before, making things change faster than before, and reshaping society in the process. We all want to understand this changing world and leave it better for our work.
We're not just any company. Our people, culture, and attitude along with their unique set of skills, experiences, and perspectives put us on a trajectory to change the world. We can't do it alone, though - we need fellow trailblazers. If you are one, join our team and help to keep our society safe!
STR is an equal opportunity employer. We are fully dedicated to hiring the most qualified candidate regardless of race, color, religion, sex (including gender identity, sexual orientation and pregnancy), marital status, national origin, age, veteran status, disability, genetic information or any other characteristic protected by federal, state or local laws.
If you need a reasonable accommodation for any portion of the employment process, email us at firstname.lastname@example.org and provide your name, phone number and email address.
Pursuant to applicable federal law and regulations, positions at STR require employees to obtain national security clearances and satisfy the requirements for compliance with export control and other applicable laws
More Information Security position highlights
- Explore open SOC Analyst Jobs
- Explore open Senior SOC Analyst Jobs
- Explore open Threat Intelligence Response Analyst Jobs
- Explore open Senior Penetration Tester Jobs
- Explore open Staff Security Engineer Jobs
- Explore open Information Security Officer Jobs
- Explore open Vulnerability Analyst Jobs
- Explore open Threat Intelligence Analyst Jobs
- Explore open Software Security Engineer Jobs
- Explore open Infrastructure Security Engineer Jobs
- Explore open Senior Information Security Engineer Jobs
- Explore open Chief Information Security Officer Jobs
- Explore open Cybersecurity Analyst Jobs
- Explore open IAM Engineer Jobs
- Explore open Sr. Software Engineer - Detection Engineering Jobs
- Explore open Computer Network Defense & Incident Response Analyst - Mid to Senior Level Jobs
- Explore open DevOps Security Engineer Jobs
- Explore open Computer Forensic Software Engineer Jobs
- Explore open Personnel Security Officer Jobs
- Explore open Senior Information Security Analyst Jobs
- Explore open Engineering Manager - Information Security, Bangalore Jobs
- Explore open Cybersecurity Engineer Jobs
- Explore open Staff Engineer, Cloud Security Jobs
- Explore open Cyber Threat Analyst Jobs
- Explore open Privacy Manager Jobs
- Explore open Clearance-related jobs
- Explore open Open Source-related jobs
- Explore open CEH-related jobs
- Explore open Forensics-related jobs
- Explore open PCI-related jobs
- Explore open IDS-related jobs
- Explore open Risk management-related jobs
- Explore open Audits-related jobs
- Explore open NIST-related jobs
- Explore open Ruby-related jobs
- Explore open Splunk-related jobs
- Explore open OSCP-related jobs
- Explore open Machine Learning-related jobs
- Explore open Google-related jobs
- Explore open IPS-related jobs
- Explore open AI-related jobs
- Explore open Encryption-related jobs
- Explore open Security assessments-related jobs
- Explore open Docker-related jobs
- Explore open PowerShell-related jobs
- Explore open DNS-related jobs
- Explore open TCP/IP-related jobs
- Explore open Unix-related jobs
- Explore open Threat detection-related jobs