2 days old

Information Systems Security Engineer (ISSE)

Washington, DC 20004
Responsibilities

Provides feedback to design engineers and evaluates end-to-end systems and systems-oriented products through their entire life cycle. Working as expert, conducts research and evaluates technical performance of software products and overall segments and systems. Ensures products and systems comply with requirements and government information assurance and cyber security standards and practices through formal verification methods. Verifies/validates systems with specific emphasis on network operations and cyber warfare tactics, techniques, and procedures focused on the threat to information networks. Assesses performance using evaluation criteria and technical performance measures. Prepares assessments and cyber threat profiles of current and planned products based on sophisticated testing, research, and analysis. Participates in design reviews of components (hardware and software) to ensure applicability to the current system and traceability of requirements. Reviews test plans/procedures and ensures they verify/validate the requirements. Develops and maintains analytical procedures to meet changing requirements. Produces high-quality papers, presentations, recommendations, and findings for senior US government intelligence and operations officials.

Our task order provides on-site enterprise-wide technical and administrative Security Assessment and Authorization (A&A) and Continuous Monitoring (CM) support. The Information Systems Security Engineer (ISSE) uses her/his expertise to perform scans in support of the risk mitigation efforts of the broader ISSO team to achieve Authority to Operate status for client systems and applications.

The ISSE-Security responsibilities include, but not limited to: Perform scans and analysis of security center logs and coordination with the security personnel and recommend mitigation strategies. Perform and review technical security assessments of computing environments to identify points of vulnerability, non-compliance with established information assurance (IA) standards and regulations. Validate and verify system security requirements definitions and analyze and establish system security design. Develop, implement, and document formal security programs and policies throughout the program and monitors compliance to these policies and programs. Manage and maintain a library of security audit tools, and corresponding processes that can be used for system security testing, internal audits, incident response, and diagnosis of security-related system issues. Perform and maintain Tenable security center scans and create reports: Perform analysis of Sourcefire IDS; Perform analysis of McAfee DLP; Perform analysis of the Microsoft EndPoint; Perform analysis of the Insider Threat using MySQL-Linux

Qualifications

Requires BS/BA 10-12 or MS 8-10 or PhD 5-7
5-7 years IA and InfoSec experience; which includes developing and reviewing security concept of operations, systems security plans, security control assessments, contingency plans, configuration management plans.
Experience with FISMA and RMF/A&A processes.
Experience with NIST Special Publications i.e. as 800-27, 30, 37, 53, 60.
Experience incident response plans, plan of actions and milestones, risk management plans, vulnerability scanning, and/or vulnerability management plans.
Experience with STIG and SCAP, Sourcefire IDS, McAfee DLP, Microsoft EndPoint; Strong analytical, communication, problem solving and interpersonal skills.
Ability to perform in a fast paced environment with frequent change.
CISSP and CISM or GSLC; or ability to obtain CISM or GSLC within 6 months of hire.
Active Top Secret clearance, periodic review (PR) performed within the past three years, SCI eligibility.

Preferred Qualifications: Knowledge of systems engineering principles, requirements analysis, system development (software and hardware), network security architecture concepts (topology, protocols, components); and/or IT security principles and methods (firewalls, demilitarized zones).

Government consulting experience.
Knowledge of CSA guidance.
Experience with VMware.

Email this job to a friendRefer
Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed




As a government contractor, Perspecta abides by the following provision
PAY TRANSPARENCY NONDISCRIMINATION PROVISION
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)

Industry

  • Information Technology
Posted: 2019-12-08 Expires: 2020-01-06

With offerings in mission services, digital transformation and enterprise operations, our team of 14,000 engineers, analysts, investigators and architects work tirelessly to create innovative solutions. We have the expertise and experience not only to devise solutions, but to execute on them successfully.

Featured Jobs

Career News

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Information Systems Security Engineer (ISSE)

Perspecta
Washington, DC 20004

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast