Information Systems Security Engineer (ISSE), Constellation Technologies, Annapolis, MD
Constellation Technologies -
Annapolis, MD,
US
Information Systems Security Engineer (ISSE)
Date Posted: 2024-05-24
Job description
About us: Mission Driven, Employee Focused
At CTI, you'll be at the center of an award-winning corporate culture, breaking technological barriers and solving real-world problems for our federal government customers. We are committed to hiring the best of the best, and in return, we offer a world-class, truly unique employee experience that is rare within our industry.
If you're a technical changemaker with a passion for Cyber Operations, Cloud and Data Analytics, or Engineering, we're looking for you! Love what you do AND where you work - alongside a supportive, innovative team of like-minded individuals. After all, we know that your best work happens when you live your best life, and we do everything we can to make that possible. Are you ready for your best career move? Intel Agency polygraph is strongly preferred.
Due to federal contract requirements, United States citizenship and an active TS/SCI security clearance is required for the position.
Description:
CTI is seeking an experienced TS/SCI polygraph cleared ISSE to provide support for adding new capabilities to a complex system with exacting interface, performance, and security requirements. You will become part of a team of Security Engineers working on solving challenging issues on a large, significant program. The position requires a solid understanding of security practices and policies as well as hands-on vulnerability testing experience. You will also collaborate with other engineers and technical experts in providing improvements to our operational, test, integration, and development systems.
The day-to-day:
Validating and verifying system security requirements and establishing system security designs for large-scale systems, major system elements, and interfacing systems that are part of a large complex network environment with geographically distributed components.
Identifying and implementing appropriate information security architectures and functionality to ensure uniform application of security policy and enterprise solutions.
Recommending and developing technical solutions, products, and standards based on current and desired system security architecture.
Assessing and mitigating system security threats and risks throughout the program life cycle.
Leading and/or contributing to the security planning, assessment, risk analysis, risk management, certification and awareness activities for various system and networking operations.
Effectively collaborating with other internal technical experts on a day-to-day basis.
Communicating with Program Managers and POCs from customer organizations when necessary regarding Security issues of significant importance.
Participating in program increment planning and related agile team activities.
Working closely with System Engineering, Test Engineering, and Integration teams to ensure that the hardware and software architecture and implementation meets the security requirements for processing classified information.
Analyzing and assessing system implementation against multiple security compliance policies and recommending and implementing enhancements.
Evaluating the impact of new development on the operational security posture of the system.
Evaluating, reviewing, and testing security-critical software.
Proposing, assessing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.
Auditing and assessing system security configuration settings using common methodologies and tools.
Managing and enforcing security strategies and policies that effect various components of the geographically distributed systems.
Evaluating security solutions to ensure they meet customer specified requirements for processing classified information.
Providing configuration management for security-relevant information system software.
Serving as a subject matter expert in security architecture to include providing advice to Program Managers, Customer technical experts, and internal program teams.
Formulating security compliance requirements for new system features.
Identifying and remediating security issues throughout the system.
Supporting risk assessment, risk management, security control assessment, continuous monitoring, service design, and other IA program support functions.
Working with development teams to enrich team-wide understanding of different types of vulnerabilities, attack vectors and remediation approaches.
Planning and conducting security verification testing of relevant type 1 devices.
The qualifications (required):
Must be a US Citizen
Must have TS/SCI clearance w/ active polygraph
DoD 8570 compliance with IASAE Level 3 is required.
Must have Computer Information Systems Security Professional (CISSP) Certification.
Must have Information System Security Engineering Professional (ISSEP) Certification.
Must have experience applying Risk Management Framework.
Must have experience formulating and assessing IT security policy.
Must have demonstrated knowledge of and experience with common security tools, such as Nessus, NMAP and Wireshark hardware/software security implementation, communication protocol, encryption techniques/tools, and web services.
Must have experience with secure configurations of commonly used desktop and server operating systems.
Must be comfortable working on multiple systems and components simultaneously in various configurations.
Must have strong verbal and written communications skills.
Must be committed to adopting and adhering to best practices.
Must be able to effectively plan and prioritize tasking and communicate clearly regarding technical options and trade-offs.
Must be capable of performing high quality work both independently and with a team in a fast-moving environment.
The nice-to-haves (desired, not required):
Bachelor's degree or Master's Degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline.
Five (05) years of experience with Defense in Depth Principals/technology (including access control, authorization, identification and authentication, public key infrastructure, network and enterprise security architecture) and applying risk assessment methodology to system development.
Experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response.
Experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass the development, design, and implementation.
Experience with penetration testing tools.
Experience with scripting languages.
The benefits package:
Affordable healthcare options with 80% employer paid premium PLUS a company-funded HSA
Dental insurance with 100% employer paid premium
Vision with 80% employer paid premium
Employer paid Life insurance 100%
Employer paid Short-term and Long-term disability 100%
Annual training, continued education, and professional memberships reimbursement
Unlimited access to Red Hat Enterprise Linux and AWS training and accreditation
Annual reimbursement for technology i.e. phones, computers, printers, etc.
401(k) with company match up to 5% with 100% immediate vesting (after 90 days of employment)
The environment and perks:
Professional development investment and paid time off for training
Contract and work locations in Maryland, Virginia, Colorado, Texas, Utah, California, Florida and Hawaii.
Team building events throughout the year such as Destination Family Events, Holiday Party, Monthly Get-Togethers
Leadership Team engagement and mentorship
Performance Recognition Program
Complimentary branded apparel
Don't see a job opening that's the perfect fit? Apply to our General Position to join our talent pool for consideration for future opportunities.
Know someone else who may be a good fit? Refer them through the CTI External Referral Program and you could receive a one-time referral bonus of up to $10,000! Email ...@cti-md.com for more information.
Constellation Technologies is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, religion, creed, color, national origin, ancestry, sex (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, medical condition, marital or domestic partner status, sexual orientation, gender, gender identity, gender expression and transgender status, mental disability or physical disability, genetic information, military or veteran status, citizenship, low-income status or any other status or characteristic protected by applicable law. Job applicants can submit questions about CTI's equal employment opportunity policy to ...@cti-md.com.
At CTI, you'll be at the center of an award-winning corporate culture, breaking technological barriers and solving real-world problems for our federal government customers. We are committed to hiring the best of the best, and in return, we offer a world-class, truly unique employee experience that is rare within our industry.
If you're a technical changemaker with a passion for Cyber Operations, Cloud and Data Analytics, or Engineering, we're looking for you! Love what you do AND where you work - alongside a supportive, innovative team of like-minded individuals. After all, we know that your best work happens when you live your best life, and we do everything we can to make that possible. Are you ready for your best career move? Intel Agency polygraph is strongly preferred.
Due to federal contract requirements, United States citizenship and an active TS/SCI security clearance is required for the position.
Description:
CTI is seeking an experienced TS/SCI polygraph cleared ISSE to provide support for adding new capabilities to a complex system with exacting interface, performance, and security requirements. You will become part of a team of Security Engineers working on solving challenging issues on a large, significant program. The position requires a solid understanding of security practices and policies as well as hands-on vulnerability testing experience. You will also collaborate with other engineers and technical experts in providing improvements to our operational, test, integration, and development systems.
The day-to-day:
Validating and verifying system security requirements and establishing system security designs for large-scale systems, major system elements, and interfacing systems that are part of a large complex network environment with geographically distributed components.
Identifying and implementing appropriate information security architectures and functionality to ensure uniform application of security policy and enterprise solutions.
Recommending and developing technical solutions, products, and standards based on current and desired system security architecture.
Assessing and mitigating system security threats and risks throughout the program life cycle.
Leading and/or contributing to the security planning, assessment, risk analysis, risk management, certification and awareness activities for various system and networking operations.
Effectively collaborating with other internal technical experts on a day-to-day basis.
Communicating with Program Managers and POCs from customer organizations when necessary regarding Security issues of significant importance.
Participating in program increment planning and related agile team activities.
Working closely with System Engineering, Test Engineering, and Integration teams to ensure that the hardware and software architecture and implementation meets the security requirements for processing classified information.
Analyzing and assessing system implementation against multiple security compliance policies and recommending and implementing enhancements.
Evaluating the impact of new development on the operational security posture of the system.
Evaluating, reviewing, and testing security-critical software.
Proposing, assessing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.
Auditing and assessing system security configuration settings using common methodologies and tools.
Managing and enforcing security strategies and policies that effect various components of the geographically distributed systems.
Evaluating security solutions to ensure they meet customer specified requirements for processing classified information.
Providing configuration management for security-relevant information system software.
Serving as a subject matter expert in security architecture to include providing advice to Program Managers, Customer technical experts, and internal program teams.
Formulating security compliance requirements for new system features.
Identifying and remediating security issues throughout the system.
Supporting risk assessment, risk management, security control assessment, continuous monitoring, service design, and other IA program support functions.
Working with development teams to enrich team-wide understanding of different types of vulnerabilities, attack vectors and remediation approaches.
Planning and conducting security verification testing of relevant type 1 devices.
The qualifications (required):
Must be a US Citizen
Must have TS/SCI clearance w/ active polygraph
DoD 8570 compliance with IASAE Level 3 is required.
Must have Computer Information Systems Security Professional (CISSP) Certification.
Must have Information System Security Engineering Professional (ISSEP) Certification.
Must have experience applying Risk Management Framework.
Must have experience formulating and assessing IT security policy.
Must have demonstrated knowledge of and experience with common security tools, such as Nessus, NMAP and Wireshark hardware/software security implementation, communication protocol, encryption techniques/tools, and web services.
Must have experience with secure configurations of commonly used desktop and server operating systems.
Must be comfortable working on multiple systems and components simultaneously in various configurations.
Must have strong verbal and written communications skills.
Must be committed to adopting and adhering to best practices.
Must be able to effectively plan and prioritize tasking and communicate clearly regarding technical options and trade-offs.
Must be capable of performing high quality work both independently and with a team in a fast-moving environment.
The nice-to-haves (desired, not required):
Bachelor's degree or Master's Degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline.
Five (05) years of experience with Defense in Depth Principals/technology (including access control, authorization, identification and authentication, public key infrastructure, network and enterprise security architecture) and applying risk assessment methodology to system development.
Experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response.
Experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass the development, design, and implementation.
Experience with penetration testing tools.
Experience with scripting languages.
The benefits package:
Affordable healthcare options with 80% employer paid premium PLUS a company-funded HSA
Dental insurance with 100% employer paid premium
Vision with 80% employer paid premium
Employer paid Life insurance 100%
Employer paid Short-term and Long-term disability 100%
Annual training, continued education, and professional memberships reimbursement
Unlimited access to Red Hat Enterprise Linux and AWS training and accreditation
Annual reimbursement for technology i.e. phones, computers, printers, etc.
401(k) with company match up to 5% with 100% immediate vesting (after 90 days of employment)
The environment and perks:
Professional development investment and paid time off for training
Contract and work locations in Maryland, Virginia, Colorado, Texas, Utah, California, Florida and Hawaii.
Team building events throughout the year such as Destination Family Events, Holiday Party, Monthly Get-Togethers
Leadership Team engagement and mentorship
Performance Recognition Program
Complimentary branded apparel
Don't see a job opening that's the perfect fit? Apply to our General Position to join our talent pool for consideration for future opportunities.
Know someone else who may be a good fit? Refer them through the CTI External Referral Program and you could receive a one-time referral bonus of up to $10,000! Email ...@cti-md.com for more information.
Constellation Technologies is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, religion, creed, color, national origin, ancestry, sex (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, medical condition, marital or domestic partner status, sexual orientation, gender, gender identity, gender expression and transgender status, mental disability or physical disability, genetic information, military or veteran status, citizenship, low-income status or any other status or characteristic protected by applicable law. Job applicants can submit questions about CTI's equal employment opportunity policy to ...@cti-md.com.