Apply on Employer Site

AMERICAN SYSTEMS · 2 hours ago

Information Systems Security Engineer, Mid-Level

US-VA-Stafford

Full-time

Onsite

Mid, Senior Level

$92K/yr - $153K/yr

5+ years exp

AMERICAN SYSTEMS is seeking a Information Systems Security Engineer (ISSE) with demonstrated expertise supporting projects for the Department of Defense (DoD). The role involves assisting in the planning and execution of cyber security requirements for DoD systems, ensuring adherence to the DoD Risk Management Framework (RMF) process.

GovernmentInformation Technology

Comp. & Benefits

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Create authorization package records in Marine Corps Certification and Accreditation Support Tool (MCCAST) or Enterprise Mission Assurance Support Service (eMASS) for assigned systems

Support identification of the system type (IS, IT product, IT service) and any special considerations including multi-service/agency, joint, cross domain, data classification, tactical, space, etc., to support categorization

Support the determination of the appropriate Defense–in–Depth Functional Implementation Architecture (DFIA) defense level (DL), CYBERSAFE grade, and security categorization in accordance with (IAW) CNSSI 1253 for assigned systems

Support the generation of controls for assigned systems IAW the DFIA DL, CYBERSAFE grade, security categorization, and applicable overlays

Assess and document the security control set for assigned systems to determine the applicability and compliance of the individual controls within the security control set

Develop Cyber Security Strategy based on the security categorization for assigned systems

Develop Security Plan (SP) and Information System Continuous Monitoring (ISCM) strategy in MCCAST or eMASS for assigned systems

Support the Security Control Assessor (SCA) and Authorizing Official (AO) review of the security control set to address any feedback received during the review

Collaborate with the NSWC IHD ISSO and Security Control Validator (SCV) to develop the Security Assessment Plan (SAP)

Support the NSWC IHD ISSO in implementing and testing the security control set IAW the SAP. Documenting the pre-assessment results in a Plan of Actions and Milestones (POA&M) and Security Assessment Report (SAR)

Support the SCA and AO review of the pre-assessment POA&M and SAR to address any feedback received during the review

Assist the NSWC IHD ISSO in providing updates to the Security Validation POA&M to address open vulnerabilities that were verified by the SCV during the official security assessment

Qualification

Cyber Security StrategyRisk Management FrameworkSecurity Control AssessmentMCCASTEMASSSec+ CertificationTeam CollaborationCommunication Skills

Required

Bachelor's degree from an accredited college or university in Computer Science or Information Management (Four (4) years of systems related experience or DoD 8570 IAT Level II qualifications may be substituted for a bachelor's degree)

Active Secret Clearance Required

Minimum Five (5) years of professional experience

At least Three (3) years of experience in defining security programs or processes for the protection of sensitive or classified information

Sec+, or equivalent, required

Experience working in a team-oriented, collaborative environment