Information System Security Engineer IV jobs in United States
cer-icon
Apply on Employer Site
company-logo

Chenega Corporation · 15 hours ago

Information System Security Engineer IV

positionHuntsville, AL, US
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
date8+ years exp

Chenega Corporation is an Alaska Native Corporation that supports large-scale government operations through advanced technology. The Information System Security Engineer IV will lead RMF activities, manage risk, and ensure compliance with cybersecurity regulations while coordinating with various stakeholders.

Information Technology
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Act as a senior technical lead for RMF activities, developing and maintaining security documentation, coordinating with AOs/AODRs, and ensuring compliance with cybersecurity policies and regulatory frameworks
Manage risk, secure IT systems, and implement security controls to protect sensitive data
Shall assist in the development and maintenance of the Risk Management Framework (RMF) documentation and reports to achieve and maintain compliance with cybersecurity regulations and optimize current processes to streamline the approval process across the AMC Enterprise Mission Assurance Support System (eMASS) Portfolio for HQ and Enterprise records
Implement a Continuous Monitoring Strategy with automation to keep packages current
Work with leadership, auditors, and IT teams to maintain security and respond to threats
Work in all steps of the RMF process with system owners, ISSO, and ISSMs, and validate adequate security controls are in place to enable sound risk management decisions by the AO
Develop, implement, and enforce cybersecurity policies and procedures in accordance with regulatory frameworks. Manage all aspects of cybersecurity for systems maintained on-site
Brief senior management on all aspects of security engineering
Lead and support frequent interaction with government customers
Ensure security requirements are addressed in all phases of the system development lifecycle (SDLC)
Participate in network design reviews and security testing for the customer’s networks
Coordinate with system development teams to ensure network security standards are being followed and implemented correctly
Identify additional security requirements, based on RMF or as a result of security issues that put the customer’s systems at risk
Review and analyze new systems (hardware and software) and provide recommendations concerning their security
Provide A&A and RMF guidance to system owners to ensure accreditation success
Provide insight and recommendations leading up to and during the customer's information assurance readiness review process
Oversee the cybersecurity lifecycle from inception to completion
Develop, review, and update documentation to ensure compliance with RMF and Continuous Monitoring requirements
Maintain and update security documentation (SSPs, POA&Ms, etc.)
Assists with the preparation of test plans and conducts security control testing IAW with NIST SP800-53
Direct and oversee daily activities of team members, ensuring tasks are completed accurately, efficiently, and in alignment with contract goals
Other duties as assigned

Qualification

Risk Management Framework (RMF)Cybersecurity certificationsEMASSNIST 800-53Cloud platformsUnix/LinuxNetwork technologiesAgile Scrum CertificationsData visualization toolsTime managementTeam collaboration

Required

Bachelor's degree in science, Technology, Engineering, Mathematics, IT, or business-related programs
8+ years of experience in Information System Security practices and applying the RMF to complex IT systems
5+ years' experience supporting DoD or federal programs is highly desirable
Experience with RMF (NIST 800-53), ATO packages, POA&M development, and system categorization is required
Baseline and Full Computing Environment Certifications for IAT-II IAW DoD 8570.01-M (Security+ certification) desired
Cybersecurity certifications like CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), or CISM (Certified Information Security Manager) are required
Must have an active Secret clearance with the ability to obtain TS with SCI eligibility
Experience with eMASS is critical
Deep understanding of cybersecurity frameworks, documentation, and technical validation processes, working closely with stakeholders and control assessors to ensure security and compliance
Experience with IA vulnerability testing and related network and system test tools
Experience with Splunk
Experience with cloud platforms like Amazon Web Services (AWS), Microsoft Azure, etc., and migrating customers/projects to the cloud
Experience working in a Unix/Linux environment
Experience working in cloud infrastructures
Must have high proficiency in the Microsoft Office suite and possess advanced skills and knowledge in programs like Word, Excel, PowerPoint, and Outlook
Must have an understanding of cloud technologies (e.g., AWS, Azure, GCP, Oracle) and hybrid cloud environments
Experience developing and documenting system security requirements and conducting requirements gap analysis
Experience with network technologies and the ability to demonstrate knowledge of network protocols, communications systems, and architectures
Strong creative and visual storytelling skills with an eye for design, usability, and user experience
Use expert knowledge of data visualization tools to deliver information that allows client users to quickly understand data, ask better questions, and take action
Possess knowledge and experience with data analysis and data technical expertise in data management, engineering, and science
Skillful time management and organizational skills to set and meet deadlines
Ability to work both independently and within a team
Ability to work effectively in a team environment to encourage collaboration, innovation, and continuous improvement
Ability to meet minimum clearance requirements
Ability to work nights, weekends, and holidays as required
Ability to travel up to 10%

Preferred

5+ years' experience supporting DoD or federal programs is highly desirable
Baseline and Full Computing Environment Certifications for IAT-II IAW DoD 8570.01-M (Security+ certification) desired
Agile Scrum Certifications desired

Benefits

Well-being programs

Company

Chenega Corporation

twittertwitter
Glassdoor3.6
company-logo
As the most successful Alaska Native village corporation, Chenega figures prominently in the diverse government services contracting marketplace supporting defense, intelligence, and federal civilian customers.
dateFounded in 1974
location
Anchorage, Alaska, USA
people-size5001-10000 employees
web-link
https://www.chenega.com/

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Robb Milne
CFO
linkedin
leader-logo
Chris Andersen
Chief Development Officer, Military, Intel and Operations Support Strategic Business Unit
linkedin
Company data provided by crunchbase