Information System Security Engineer
Information Systems Security Engineer
Contract 9+ months, 40 hours weekly, (3) Open Positions)
100% Remote with future transition to onsite, pending Covid-19
Secret Clearance Required
Major Duties & Responsibilities:
Capture and refine information security requirements and ensure that the requirements are effectively integrated into information technology component products and information systems through purposeful security architecting, design, development, and configuration. Function as an integral part of the development team to include designing and developing organizational information systems or upgrading legacy systems. Employ best practices when implementing security controls within an information system including; software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques. Coordinate security-related activities with information security architects, senior information security officers, information system owners, common control providers, and information system security officers. Support RMF activities including: select security controls; apply overlays and tailor; and implement control solutions consistent with DoD Component Cybersecurity architectures. Support stakeholders on the following: Common Control Identification; document security controls implementation in the security plan; develop and approve Security Assessment plan; conduct initial remediation actions; assess selected controls annually; conduct needed remediation; and update security plan, SAR and POA&M.
15+ years experience with cybersecurity, information assurance, and certification and accreditation including at least 5 years in a DoD environment. Bachelor’s degree in a related field. Must be CISSP certified (or hold equivalent certification that meets the DoD 8570 IAT III requirement). Experience in the development of both common user and special purpose command and control/information systems with increasing responsibilities in the scope and magnitude of the systems for which solutions have been implemented. Understanding of security policy advocated by the U.S. Government including Department of Defense and appropriate civil agencies, e.g., NIST. Must be a US Citizen and hold a current Secret clearance.