Information System Security Engineer (Government)

Job Description:

AT&T Global Public Sector is a trusted provider of secure, IP enabled, cloud-based, network solutions and professional services to the

Federal Government.We are dedicated to recruiting, developing and empowering a diverse, high-performing workforce that is passionate about what they do, committed to our shared values and dedicated to our customers' mission.

Our National Security Team supports the intelligence community by providing, operating and assuring critical voice, video and collaboration services for the full spectrum of operations.

AT&T has an opening for an Information System Security Engineer (ISSE)to support the Intelligence Sector.

The job duties of the Information System Security Engineer (ISSE) are as follows:

• Responsible for the implementation of the National Institute of Standards and Technology (NIST) Special Publication 800-37, Guide for Applying the Risk Management Framework (RMF) Steps 1-3 for assigned information systems/assets. Each ISSE will be assigned as Primary and alternate on average for 4-7 systems depending on the complexity of the system. As a Primary ISSE, responsible for leading the asset RMF team and submitting weekly status reports. Daily tasks would be dependent on which RMF Step the assigned system is currently in.

• Step 1 - Categorize, by determining the criticality of the information and system according to potential worst-case, adverse impact to the organization, mission/business functions, and the system.

• Step 2 - Select security controls (NIST SP 800-53, Security and Privacy Controls for Information Systems and Organizations) starting with the appropriate baseline using categorization output from Step 1 to apply tailoring guidance as needed based on risk assessment.

• Step 3 - Implement security controls within enterprise architecture and systems using sound system security engineering practices (see SP 800-160); apply security configuration settings.

• Step 6 - Completes daily continuous monitoring control assessments to report security and privacy posture to management (e.g., body of evidence entry).

• Supports the Information System Security Manager & Information System Security Engineer Lead.

• Coordinates with the Information System Security Analysts, and system administrators for control implementation and Plans of Actions and Milestones (POA&Ms) closeout requirements.

• Coordinates with Information System Security Officers and other teams as required for continuous monitoring activities required for assigned information systems/assets.

• Ensures systems designs support incorporation to customer continuous monitoring solutions (i.e., Vulnerability Alerts, Splunk, Enterprise Scanning, etc.

• Required to become proficient on the Customer's Assessment and Authorization tool to track and document the RMF steps.

Required Clearance:

TS/SCI with poly (#ts/sci) (#polygraph)

Required Qualifications:

(1)Candidate must have 10 years of experience that can be a combination of work history and education. This equates to:

• Doctorate and 3 years of experience; OR
• Masters and 4 years; OR
• Bachelors and 6 years; OR
• Associates and 8 years; OR
• HS and 10 years.

(1)Must have at least one (1) certification to meet minimum requirements for DoD 8570 IAT Level 2 certification requirements; level 3 requirements are acceptable as well. Level II certifications must be obtained within six (6) months:

• Certified Network Defender (CND)
• COMPTIA Cybersecurity Analyst (CYSA+)
• COMPTIA Security+
• GIAC Security Essentials (GSEC)
• Global Industrial Cyber Security Professional (GICSP)
• Implementing and Administering Cisco Solutions (CCNA)

Systems Security Certified Practitioner (SSCP)

Desired Qualifications:

• Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.

• Ability to clearly articulate ideas for executive - level as well as technical staff consumption.

• Cloud environment experience

• Soft skills (experience with customer briefings), highly organized, problem solving, and self-motivated.

Our Information System Security Engineer's earn between $150,000 - $170,000. Not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

Joining our team comes with amazing perks and benefits:

• Medical/Dental/Vision coverage

• 401(k) plan

• Tuition reimbursement program

• Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)

• Paid Parental Leave

• Paid Caregiver Leave

• Additional sick leave beyond what state and local law require may be available but is unprotected

• Adoption Reimbursement

• Disability Benefits (short term and long term)

• Life and Accidental Death Insurance

• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal

• Employee Assistance Programs (EAP)

• Extensive employee wellness programs

• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone

Weekly Hours:

40

Time Type:

Regular

Location:

Sterling, Virginia

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities.

Job ID R-13789 Date posted 03/08/2024 Apply Now