Information Systems Security Engineer, Level 3

The selected candidate will join a high-performing agile team using the Scaled Agile Framework (SAFe) methodology to support a nationally significant and fast-paced program. Program execution follows DevOps best practices and employs robust development, test and production environments. Our team of security engineers supports enhancements to system security architecture and cybersecurity capabilities; manage multiple system security plans for development, test and production systems at multiple classification levels following the Risk Management Framework (RMF); manage cross-domain capabilities; and support Security Verification Testing (SVT) of relevant Type 1 devices.

The selected candidate will provide support for adding new capabilities to a complex network system with geographically distributed components that has exacting interface, performance and security requirements. He/she will become part of a team of Security Engineers working on solving challenging issues on a nationally significant defense program. The program makes heavy use Public Key Infrastructure (PKI), cryptographic technologies, and cross-domain solutions. The selected individual will collaborate with other engineers and technical experts in providing improvements to our operational, test, integration, and development systems.

Security Clearance Requirements:

This position requires candidates to be U.S. Citizens and possess a TS/SCI Security Clearance with an appropriate Polygraph

Required Education & Years of Experience

  • Bachelor’s Degree in Computer Science, Information Assurance, Information Security System Engineering or a related discipline and 20+ years experience as an ISSE, or
  • Master’s degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline and 18+ years experience as an ISSE, or
  • HS Diploma and 24+ years of ISSE experience.

Required Skills

  • Must have experience with secure configurations of commonly used desktop and server operating systems.
  • Must have experience or familiarity with applying Risk Management Framework and formulating and assessing IT security policy.
  • Must have demonstrated knowledge of one or more common security tools, such as Nessus, NMAP and Wireshark hardware/software security implementation, communication protocol, encryption techniques/tools, and web services.
  • Must be comfortable working on multiple systems and components simultaneously, possibly with various configurations.
  • Must have strong verbal and written communications skills.
  • Must be committed to adopting and adhering to best practices.
  • Must be able to effectively plan and prioritize personal tasking.
  • Must be capable of performing high quality work both independently and with a team in a fast-moving environment.

Desired Skills

  • Experience or familiarity with Defense in Depth Principals.
  • One or more of the following: DoD 8570 compliance with IASAE; Information Systems Security Engineering Professional (ISSEP) Certification; Computer Information Systems Security Professional (CISSP) Certification.
  • Experience with integrated security services management processes (i.e. assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response).
  • Experience providing information assurance support for application development.
  • Experience with penetration testing tools and hands-on vulnerability testing.
  • Experience with scripting languages.

Required Certification

  • DoD 8570 compliance with IASAE Level 3 is required
  • Information Systems Security Engineering Professional (ISSEP)
  • CISSP Certification