Information Systems Security Engineer (ISSE)

Position Description: We are seeking an Information Systems Security Engineer (ISSE) who will be responsible for management of the certification and accreditation of computer networks and standalone information systems using government standards. This individual will maintain responsibility for media control, virus scanning, hardware and software control, and computer security briefings.

Additionally, the ISSE will support all disciplines within the security program and ensure business needs are met. Responsibilities include working with the system administrator to ensure all systems security procedures are being followed and maintaining audit files that are reviewed in accordance with multiple client requirements. The Isse will interact with internal and external customers or government security officials to perform security duties, address routine information security matters with employees regarding issues, and report preparation and system security access briefings.

The selected individual will need to be able to make sound decisions and manage all aspects of information systems security as it applies to the DOD community (NISPOM, IFSO Manual, NISPOM Technical Baseline, DOD 8570M), conduct risk assessments on hardware intended for use by a program to determine the proper Protection Level for the IS, and identify any vulnerabilities that would need mitigation. Additionally, the ISSE prepares and implements Information System Security Plans, Protection Profiles, etc., working closely with local DSS, ODAA, and other government approval authorities to achieve system accreditation and maintain compliance for all collateral classified information systems.

Additional responsibilities include conducting regular AIS audits to ensure accredited systems are being operated securely and computer security policies and procedures are implemented as defined in security plans.

The ISSE will ensure that personnel are trained on the IS's prescribed security restrictions and safeguards before they are initially allowed to access a system. The selected individual will also ensure the implementation of site procedures for marking, handling, controlling, removing, transporting, sanitizing, reusing, and destroying media/equipment containing classified information are followed.

Qualifications:

• A Bachelor’s degree with 8-10 years of experience

• 8-10 years of related experience in INFOSEC administration.

• In-depth experience with Government procedures and policies, including Operations Security requirements and preparation of deliverable documentation

• 3 years of experience generating Risk Management Framework (RMF) packages, including supporting Intelligence Community Directive (ICD) 503 compliance.

• 3 years of experience providing Cybersecurity (IT security) support with IT hardware, software, networks/security system, or management services with IT hardware, software, networks/security system.

• 3 years of experience with applying DISA Security Technical Implementation Guide (STIGs) and Security Recommendation Guides (SRG).

• 2 years of experience utilizing the Assured Compliance Assessment Solution (ACAS) tool to analyze computer asset vulnerabilities.

Clearance:

• TS/SCI

Location:

• Springfield, VA

Certifications:

• IA certification in Security+ CE or higher (e.g. CEH, CASP, CISSP, etc.)