Senior System Design Engineer – Security (Government)

at AT&T
Published November 16, 2022
Location Columbia, MD
Category Default  
Job Type Full-time  

Description

AT&T Global Public Sector is a trusted provider of secure, IP enabled, cloud-based, network solutions and professional services to the Federal Government. We are dedicated to recruiting, developing, and empowering a diverse, high-performing workforce that is passionate about what they do, committed to our shared values, and dedicated to our customers' mission.

Our Professional Services Defense Team supports our Nation's warfighters and Intelligence Community, providing, operating, and assuring critical voice, video, and collaboration services for the full spectrum of government operations. We have a long history of supporting our customers with exceptional technical expertise in areas of transmission technologies, data techniques, applications integration, emerging services, and network evolution.

AT&T has an opening for a Senior Information Systems Security Engineer to support AT&T's Defense and National Security sector in managing several operational projects, services, systems, and communications for government programs.

The job duties of the information systems security engineer are as follows:

* Perform analysis and evaluation to design, implement, test and field secure systems, networks, and architectures.
* Develop, implement, and enforce information systems security policies ensuring system security requirements are addressed during all phases of the acquisition and Information System (IS) lifecycle.
* Conduct certification and testing in accordance with the Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) policy; identify deficiencies and providing recommendations of risk mitigation to customer.
* Support the Government and internal security efforts to resolve conflicting system security engineering requirements.
* Manage key security systems to include McAfee/Trellix ePO, Nessus Professional, Syslog, and other servers to include upgrade and management of the systems.
* Develop program technical publications such as Systems Engineering Plans (SEP), Technical Plans, Analyses and Reports, Risk Assessments, Security Concepts of Operations (SECONOP), Program Protection Plan, Anti-Tamper Plan, Cybersecurity Strategy, Technology Development Strategies, Test Plans, procedures and reports, System Security Plans, and related documentation.
* Liaison with Department of Defense (DoD), Intelligence Community (IC) and internal program stakeholders.
* Experience with testing methods, automated tools, plans, and procedures for verification of compliance and vulnerability requirements.
* Expert knowledge of security engineering, design concepts and principles.
* Familiarity with System Life Cycle Development (SDLC) methodologies and the 800 series of National Institute of Standards and Technology (NIST) Special Publications (800-37, 800-39, 800-53, 800-53A, 800-94 and 800-115) and Committee National Security Systems Instruction (CNSSI) 1253.
* Experience with modern networks, operating systems, databases, and virtual computing.
* Extensive experience analyzing information technology and system risk in complex environments and articulating results to all levels of personnel.
* Experience conducting information system security control assessments (SCAs) and applying standard auditing techniques during systems security control assessments, including the proper interpretation of the control requirements, determining if the artifacts provided are sufficient and recommending remedial action to Government customer to ensure compliance.
* Knowledge of Department of Defense Architecture Framework (DoDAF) views facilitating integration and promoting interoperability across capabilities and among integrated architectures.
* Knowledge of the policies and practices for Critical Program Information (CPI) mandates for technologies.
* Knowledge of Commercial Solution for Classified (CSfC) within National Security Systems (NSS).
* Extensive knowledge of Department of Defense, Department of Navy, and Intelligence Community policies, procedures, and guidelines for designing secure architectures.
* Knowledgeable of DoD and IC policy on the acquisition processes.
* Ability to develop and interpret security architectures, data flow diagrams, engineering electrical/pinout drawings, and publications that depict the system(s) architecture.
* Exceptional verbal and written communication skills, with the ability to collaborate across teams and organizations, including senior level management.
* Proven ability to multi-task and deliver on-time with the highest quality.
* Ability to be able to identify risk areas of non-compliance and propose solutions to design to full-fill operational requirements and meet cybersecurity requirements simultaneously.
* Proficient in Microsoft Office tools (Power Point, Word, Visio, etc.)

Required Clearance:

TS/SCI with polygraph (#ts/sci) (#polygraph)

Required Qualifications:

Five to ten years' experience as an information systems security engineer in programs and contracts of a similar scope, type, and complexity is required. Strong experience in core security skills to include documentation, analysis, information technology, remediation assessment, network security, hardware, deployment, databases, firewalls, Linux, and troubleshooting.

Desired Qualifications:

DoD 8570 IASAE level 2 compliance or higher certification required (CISSP, CISSP-ISSAP or CISSP-ISSEP); Certified Authorization Professional (CAP); Bachelor's degree in Systems Security Engineering, Software Engineering, or Computer Science. Strong experience in security qualities to include communication skills, information assurance, computer science, risk management, NIST, mitigation, collaboration, vulnerability assessments, compliance, active directory, and cybersecurity.

Ready to join our team? Apply Today!

Job ID 2241238 Date posted 08/30/2022 Apply Now

Drop files here browse files ...