ISSE with Security Clearance, Gridiron IT Solutions, Chantilly, VA
Gridiron IT Solutions -
Chantilly, VA,
US
ISSE with Security Clearance
Date Posted: 2024-05-08
Job description
Position Title: Information Systems Security Engineer (ISSE) Responsibilities include serving as information security specialist, reviewing all software, hardware, and infrastructure changes on the systems, following the RMF Risk Management Framework process to support system accreditation, continuous monitoring, security mitigation; maintain security documentation, and other tasks as necessary.
Information System Owners (ISOs) guidance, requirements understanding, and options to support technical security engineering.
Proposes categorization of information systems based on types of information processed, in conjunction with DAO Representatives and ISOs.
Capability based security analysis of system security architectures, identifies vulnerabilities, and provides suggested mitigation alternatives.
Applying best practices and processes to capture, refine, and assist in the prioritization of requirements based on risk, engineering principles, and mission requirements.
Evaluates scan results and works with system developers and system administrators to eliminate or mitigate findings.
Participates in design, development, and implementation of information systems to ensure these systems are in compliance with required security features and safeguards.
Security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations.
Generates certification and accreditation (C&A) documentation and artifacts (ie. System Security Plans, Network Interface Planning Documents, etc.) for import / upload to the SNOW tool.
Coordinates with appropriate Security Control Assessors (SCAs) early in engineering design phase for ongoing coordination, understating in development and application of security controls. Required skills:
An active TS/SCI clearance with Polygraph
Bachelor's degree in systems engineering, electrical engineering, information technology, or related field
5+ years of relevant experience (or 7+ years without related degree)
Understanding of engineering in development and operational environment
Experience with security control testing and demonstration.
Understanding of IA principle and organizational requirements
Experience with DOD/IC System Security control requirements
Understanding of information security systems engineering principles and IT security technologies (e.g. firewalls, encryption, proxies)
Understanding of cloud based technologies and development environments along with security control implementation in those environments.
Experience working with system administrators, developers, and systems engineers to continually monitor and ensure system compliance.
Strong Communication skills
Familiarity with developing and maintaining system security documentation
Enthusiastic & energetic performer able to work in a dynamic, fast-paced, & high visibility environment
Self-motivated and capable of performing tasks with minimal oversight
Team player incorporating a team based success philosophy
Current Security+, CISSP, or equivalent DOD 8570 IAT 2/3 certification
Information System Owners (ISOs) guidance, requirements understanding, and options to support technical security engineering.
Proposes categorization of information systems based on types of information processed, in conjunction with DAO Representatives and ISOs.
Capability based security analysis of system security architectures, identifies vulnerabilities, and provides suggested mitigation alternatives.
Applying best practices and processes to capture, refine, and assist in the prioritization of requirements based on risk, engineering principles, and mission requirements.
Evaluates scan results and works with system developers and system administrators to eliminate or mitigate findings.
Participates in design, development, and implementation of information systems to ensure these systems are in compliance with required security features and safeguards.
Security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations.
Generates certification and accreditation (C&A) documentation and artifacts (ie. System Security Plans, Network Interface Planning Documents, etc.) for import / upload to the SNOW tool.
Coordinates with appropriate Security Control Assessors (SCAs) early in engineering design phase for ongoing coordination, understating in development and application of security controls. Required skills:
An active TS/SCI clearance with Polygraph
Bachelor's degree in systems engineering, electrical engineering, information technology, or related field
5+ years of relevant experience (or 7+ years without related degree)
Understanding of engineering in development and operational environment
Experience with security control testing and demonstration.
Understanding of IA principle and organizational requirements
Experience with DOD/IC System Security control requirements
Understanding of information security systems engineering principles and IT security technologies (e.g. firewalls, encryption, proxies)
Understanding of cloud based technologies and development environments along with security control implementation in those environments.
Experience working with system administrators, developers, and systems engineers to continually monitor and ensure system compliance.
Strong Communication skills
Familiarity with developing and maintaining system security documentation
Enthusiastic & energetic performer able to work in a dynamic, fast-paced, & high visibility environment
Self-motivated and capable of performing tasks with minimal oversight
Team player incorporating a team based success philosophy
Current Security+, CISSP, or equivalent DOD 8570 IAT 2/3 certification