Apply on Employer Site

L3Harris Technologies · 2 months ago

Senior Specialist, Information Security Systems Engineer TS/SCI - FL

Melbourne, FL

Full-time

Onsite

Senior Level

6+ years exp

L3Harris Technologies is dedicated to recruiting and developing high-performing talent who are passionate about what they do. The Senior Specialist in Information Security Systems Engineering will apply current systems security engineering methods to maintain system security and work closely with government customers to ensure security requirements are met throughout the system life cycle.

CommercialInformation TechnologyNational Security

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Applies current systems security engineering methods, practices and technologies to the architecture, design, development, evaluation and integration of systems and networks to maintain system security

Works closely with Government customers to ensure that the security protection needs, concerns and requirements are defined and implemented with appropriate fidelity and rigor, early and in a sustainable manner throughout the life cycle of system that will allow for the security authorization of the system of interest

Works with systems developers or commercial product vendors in the design and evaluation of state-of-the-art secure systems, networks, and database products

Uses methods such as encryption technology, vulnerability analysis and security management

Responsible for integration of multiple methods into a cohesive system security perimeter and environment and the policies and procedures necessary to monitor and maintain such an environment

Will prepare Certification and Accreditation documentation, using multiple standards under RMF and derivitive processes (DOD 8510, JSIG, ICD-503, CNSSI 1253), to achieve security authorization of supported systems

Represents program security needs, concerns and requirements at customer meetings

Experience in Static Application Security Testing (SAST) for Application Security and Development STIG compliance using tools such as Fortify and Gitlab as part of a DevSecOps Continuous Integration/Continuous Deployment (CI/CD) Pipeline, and generation of summary reports

Experience in Risk Management Framework (RMF) accreditation and authorization (A&A) processes to include RMF steps 1-4 (categorization, controls selection, control implementation, security assessment) and standard body of evidence (BoE) package development

Understanding of security control inheritance in terms of IaaS, PaaS and SaaS relationships

Experience with A&A package processing in eMASS and Xacta

Experience in DoD software selection and approval processes for COTS, GOTS and FOSS

Experience in the application of DISA SRGs and STIGs

Support security engineering activities, including basis of estimate development, requirements development, design, test, configuration management and maintenance of information systems and data

Assist program security in the development of policies and procedures for emerging security technologies

Support vulnerability assessment activities as required

Support the evaluation, qualification, testing and delivery of security architecture improvement, obsolescence replacement and vulnerability response projects

Experience in configuration and use of cyber defense and vulnerability assessment tools such as ACAS and SCC

Qualification

Static Application Security TestingRisk Management FrameworkCertificationAccreditationCyber defense toolsDoD 8140.03 IAT Level 3Model Based System EngineeringVulnerability analysis toolsSoft skills

Required

Bachelor's Degree and minimum 6 years of prior relevant experience

Graduate Degree and a minimum of 4 years of prior related experience

In lieu of a degree, minimum of 10 years of prior related experience

Must have active TS/SCI security clearance

DoD 8140.03 IAT Level 3 certification