|Date Posted||September 20, 2018|
Job Number: R0032273
Information Systems Security Engineer, Senior
Provide Cybersecurity engineering and support to track Cyber incidents throughout a global enterprise. Conduct liaison with commands at which incidents occur and intermediates in the chain of command and ensure timely completion of corrective action for incidents, including root-cause determination, cleanup, technical remediation, and personnel action. Develop familiarity with the enterprise security tool set, including audit collection, reduction, or analysis, threat detection, and forensic tools. Develop, design, integrate, test, document, deploy, operate, and maintain automated tools for security testing, including Host Based Security System (HBSS) and Assured Compliance Assessment Solution (ACAS). Work collaboratively with Defensive Cyber Operations (DCO) division leadership and analysts and Information System Security Managers throughout the enterprise. Brief senior leadership on the status of open investigations and progress toward closure. Develop security documentation that is compliant with Intelligence Community Directive (ICD) 503, 500-series Intelligence Community Standards (ICSs), and related National Institutes of Standards and Technology (NIST) 800-series Special Publications (SPs).
-Experience with DoD Information Assurance (IA) Certification and Accreditation Process (DIACAP), DoD Risk Management Framework (RMF), ICD 503, and NIST RMF
-Experience with the intelligence community (IC), DoD, Navy Intelligence (NAVINTEL) IA, Fleet Cyber Command, and DoD Intelligence Information System (DoDIIS) tools, systems, reporting mechanisms, and requirements for Assessment and Authorization (A&A)
-Experience with implementing and executing security engineering practices in the system or software development life cycle (SDLC) process and designing, developing, and using host-based and network-based scanning tools
-Experience in the installation, configuration, testing, deployment, and O&M of enterprise-wide network-based scanning tools, including HBSS and ACAS in support of compliance testing and continuous monitoring
-Knowledge of the DoD, IC, and national-level system security initiatives and secure information, Local Area Network or Wide Area Network, Cloud technologies, cross-domain solutions, and technologies
-Knowledge of developing security controls, testing methodologies, and test procedures for systems, Cloud-based architectures, and cross-domain solutions
-BA or BS degree in Computer Science (CS), Electrical Engineering (EE), Information Technology (IT), or Information Assurance (IA)
-Certified Information System Security Professional (CISSP) Certification
-2 years of experience with project management preferred
-Experience with Security Content Automation Protocol (SCAP) based tools and specifications
-Experience with system or software design, development, integration, testing, system administration, and O&M
-Experience with Java, C, or C++ software development
-Experience with UNIX/Linux, including Solaris or Red Hat Enterprise Linux or Microsoft Windows operating systems, including Server 2012R2, Server 2016, Windows 7, Windows 10, and DoD Secure Host Baselines
-Ability to display proactive, results-oriented, interpersonal, and customer relations and team-building expertise
-Possession of excellent oral and written communications skills
-MS degree in Computer Science (CS), Electrical Engineering (EE), Information Technology (IT), Information Assurance (IA), or related field
-CISSP-Information System Security Engineering Professional (CISSP-ISSEP) Certification
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.
We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.