Information Systems Security Engineer (ISSE)

Information Systems Security Engineer (ISSE)Job Category : EngineeringTime Type : Full timeMinimum Clearance Required to Start : TS / SCI with PolygraphEmployee Type : RegularPercentage of Travel Required : Up to 10%Type of Travel : Continental USAnticipated Posting End : 6 / 24 / 2024

What You’ll Get to Do :

You will perform Information System Security Engineering support for various information systems throughout the system development lifecycle.

You will have the opportunity to perform system hardening, prepare comprehensive assessment testing procedures, system vulnerability scanning and mitigation, system maintenance and configuration, documentation, and support the engineering team by providing direct input on the information system design to obtain and / or maintain a successful Authorization to Operate.

More About this Role :

Execution of the Assessment & Authorization (A&A process in accordance with government requirements (e.g. ICD-503)

Ensure that accreditation data is maintained within customer databases (e.g. SNOW)

Conduct research in multiple areas, to include emerging technologies, vulnerability information, system hardening (e.g. STIGs), operating systems, application software and security tools

Execute system configuration, and maintenance in support of the Security Engineering discipline

Prepare comprehensive security assessment testing documentation to validate applied security controls in support of Assessment and Authorization (A&A) testing

Provide technical guidance focused on information security architecture

Generate security accreditation artifacts to include, but not limited to, Security Plans, Certification Test Plans, and Continuous Monitoring Plans

Track and fulfill liens associated with A&A activities as documented in the Plan of Actions and Milestones

Perform vulnerability assessments using standardized tools (Nessus, DISA STIGs) and configuration updates as required to comply with security requirements

Perform guidance for hardening of operating systems, COTS product and OpenSource products as required to support compliance with security requirements

Provide technical engineering services for the support of integrated security systems and solutions

Assess and mitigate system security threats, risks, and vulnerabilities throughout the program life cycle. Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system operations

Participate as a member of a security engineering team that designs, develops, implements, evaluates and / or integrates security architectures, systems or system components

Support and interact with customers in the enforcement of the design of security throughout the system life cycle.

Apply knowledge of IA policies and procedures disseminated by the customers organization.

Track software delivery cycles for required updates and patching.

Provide weekly security status emails

Develop quarterly security status briefing charts and brief them at Program Management Reviews

Duties and Responsibilities :

Track outstanding security findings and determine solutions

Develop tasks / milestones to workoff POA&Ms and track them

Coordinate A&A activities between program and external entities

Generate program documentation to capture security status

You’ll Bring These Qualifications :

An active TS / SCI clearance with polygraph is required

Must have a current certification compliant with DoD 8570 IAM or IAT level 3 OR obtain certification within 6 months of hire and maintain certification throughout employment (e.g. CISSP)

Bachelor’s degree in Computer Science, Information Assurance, Information Security System Engineering, or equivalent and five (5) years of directly related experience.

Knowledge of ICD 503, CNSSI 1253, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37, and security controls assessment criteria / procedures.

Experience with implementing NIST 800-53 controls / ICD 503.

Knowledge of the NRO environment and the ability to navigate projects through the RMF process to achieve IATT & ATO.

Experience participating in Assessment and Authorization (A&A) process.

Experience preparing systems security documentation (e.g., security plans, risk assessment reports, Plan of Actions and Milestones (POA&Ms), etc.).

Experience with Continuous Monitoring, mitigating scan findings, maintaining Interconnections documentation.

Vulnerability assessment scanning experience (Security Center / NESSUS)

Experience working with engineers and system administrators to correct scan findings / system vulnerabilities.

Experience with creation / use of Security Center Dashboards and reports.

Excellent communication and interpersonal skills required.

Must be able to efficiently manage time management and workload

Ability to support a flexible schedule and work in a dynamic, real-time environment with rapidly changing priorities required.

Desired Certifications :

Proficient in the use of Microsoft Application tools (i.e., Excel and Powerpoint).

Experience with developing test plans for information systems.

Demonstrated experience with Linux (Red Hat, CentOS)

Experience with DevOps

Familiarity with code quality and code analyzing security tools

Experience with Amazon Web Services (AWS) : Should have current or ability to obtain an Amazon Cloud certification, such as AWS Certified Solutions Architect Associate or AWS Certified Security Specialty

Audit log review : ability to query and perform analysis in Splunk.

Experience within the Intelligence Community

What We Can Offer You :

• We’ve been named a Best Place to Work by the Washington Post.
• Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
• We offer competitive benefits and learning and development opportunities.
• We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
• For over 60 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
30+ days ago