Sorry, this job is no longer accepting applications. See below for more jobs that match what you’re looking for!

Information Systems Security Engineer/Issr

Expired Job

DXC Technology Washington , DC 20319

Posted 4 months ago

Every day at Perspecta, we enable hundreds of thousands of people to take on our nation's most important work. We're a company founded on a diverse set of capabilities and skills, bound together by a single promise: we never stop solving our nation's most complex challenges. Our team of engineers, analysts, developers, investigators, integrators and architects work tirelessly to create innovative solutions. We continually push ourselvesto respond, to adapt, to go further. To look ahead to the changing landscape and develop new and innovative ways to serve our customers. Perspecta works with U.S. government customers in defense, intelligence, civilian, health care, and state and local markets. Our high-caliber employees are rewarded in many waysnot only through competitive salaries and benefits packages, but the opportunity to create a meaningful impact in jobs and on projects that matter. Perspecta's talented and robust workforce14,000 strongstands ready to welcome you to the team. Let's make an impact together.

Perspecta has an immediate need for an Information Systems Security Engineer/ISSR in Washington, D.C.

Position Title: Information Systems Security Engineer / ISSR - Top Secret Clearance

Job Description:
Our task order provides on-site technical and administrative Security Assessment and Authorization (A&A) and Continuous Monitoring (CM) support for the client enterprise wide. The Cloud Information Systems Security Engineer (ISSE) implements security engineering principles to review security requirements, verify implementation, and provide mitigation recommendations throughout the cloud life cycle to facilitate secure systems for A&A and Continuous Monitoring support. The ISSE/ISSR responsibilities include, but are not limited to:

  • Serving as the Information Assurance Section cloud subject matter expert for the A&A and Continuous Monitoring processes

  • Providing security requirements analysis of cloud architectures and designs

  • Identifying technical gaps and providing solution recommendations for cloud services acquisition, development, migration, implementation, and monitoring

  • Explaining cloud security controls/requirements and guidance to the System Owners and System Teams and recommending implementation strategies

  • Identifying cloud vulnerabilities and recommending mitigation alternatives for POA&M items

  • Reviewing cloud security test results to identify weaknesses, technical flaws, and vulnerabilities

  • Reviewing cloud SLAs for compliance to requirements

  • Recommending technical process improvements for the A&A process.

Required Qualifications:

  • Project management experience

  • Excellent communication both written and verbal skills

  • Experience working with a Quality Assurance team

  • Experience working with a Project Management Office

  • Ten years IA and InfoSec experience; which includes developing and reviewing security concept of operations, systems security plans, security control assessments, contingency plans, configuration management plans, incident response plans, plan of actions and milestones, risk management plans, vulnerability scanning, and/or vulnerability management plans

  • Five years security engineering experience; which includes systems engineering principles, requirements analysis, system development (software and hardware); network security architecture concepts (topology, protocols, components); and/or IT security principles and methods (firewalls, demilitarized zones, encryption)

  • Two years cloud experience; which includes cloud security design, requirements analysis, control implementation, mitigation, and FedRAMP, as well as experience with common service providers, such as AWS, Azure, and/or Salesforce

  • Experience with FISMA and RMF/A&A processes

  • Experience with NIST SP (800-27, 30, 37, 53, 60, 137, 144, 145), FIPS (199, 200), CNSSI 1253 experience

  • Experience with STIG and SCAP

  • Understanding of the System Development Lifecycle

  • Understanding of network access, identity and access management

  • Strong analytical, communication, problem solving and leadership skills

  • Ability to perform in a fast paced environment with frequent change

  • CISSP and CISM or GSLC; or ability to obtain CISM or GSLC within 6 months of hire

  • Active Top Secret clearance, periodic review (PR) performed within the past three years, SCI eligibility.

  • Subject to credit check

Preferred Qualifications:

  • Government consulting experience

  • CISSP-ISSEP, CCSP, GCIA, CEH, GPEN, OSCP or other related certifications

  • Knowledge of CSA guidance

  • Experience with VMware

  • Experience with cloud automation tools and scripting (Python, Java, Chef, Puppet, and/or Ansible)

  • Bachelor's or Master's degree in a related field.

See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Information Systems Security Officers (Issos)

Solutions By Design II, LLC

Posted 2 days ago

VIEW JOBS 12/15/2018 12:00:00 AM 2019-03-15T00:00 SBD is seeking highly qualified and motivated <strong>Information Systems Security Officers (ISSOs)</strong> for a federal client.  The ISSO is dedicated to performing the risk management services for several security boundaries to include FedRAMP cloud hosted applications and offers services in the following areas.<br /> <br /> Technical responsibilities include: <ul> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">System Security Officers and System Security program serves to dedicate security staff to specific systems and programs.  Be knowledgeable of Federal, Departmental, and security regulations when developing functional and technical requirements; serve as a POC for Information System with security issues;</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Prepare and update reports to ensure that the unit complies with mandated internal and external security reporting requirements, including Federal Information Security Modernization Act (FISMA) and CPIC;</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Coordinate security program and system elements with the agency IT Program Managers by evaluating system environments for security requirements and controls including: IT Security Architecture, hardware, software, telecommunications, security trends, and associated threats and vulnerabilities;</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Manage security controls to ensure confidentiality, integrity and availability of information;</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Build security into the system development process and define security specifications to Support the acquisition of new systems;</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Review and sign off on system procurement requests to ensure that security has been considered and included;</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Adhere to and implement system security controls that ensure the protection of Sensitive but Unclassified (SBU) information using authentication techniques, encryption, firewalls, and access controls;</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Complete self-assessments;</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Assist in the A&A process;</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Update to the SSP for the program;</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Serve as a key advisor in risk assessments of all systems and mitigate vulnerabilities;</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Adhere to Continuous Monitoring practices to ensure that security controls are maintained over the life of IT systems</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Update the electronic agency inventory for all agency computing devices;</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Assist the System Owner in the development, testing and maintenance of contingency plans, backup and storage procedures;</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Document all procedures according to departmental standards;</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Audit and monitor application, system and security logs for security threats, vulnerabilities and suspicious activities; report suspicious activities to the agency CIRC coordinator;</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Monitor and coordinate patch management and scanning techniques for all unit systems; participate in identification and mitigation of all system vulnerabilities;</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Support and facilitate the security awareness, training and education program; and</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Assist the Information System Security Manager (ISSM) in any other security related duties, as required</li> </ul> <br /> <br /> Additional responsibilities include: <ul> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Incident response, as needed</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Coordinate Incident Response with the agency System Owners (SO) to include all associated actions necessary to mitigate the risk to unit systems</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Prepare and coordinate Incident Responses with the agency ISSM to include all associated actions necessary to mitigate the risk to unit systems.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Computer investigations and forensics</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">POA&M Review/Processing</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">On a quarterly basis, update POA&M information in centralized authoritative source</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Assist in and/or prepare Weakness Completion Verification Forms</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Security architecture and engineering support</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Develop, prepare and/or update SOP's as identified or as necessary</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">SOP's are updated at a minimum annually</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Consolidate all ISSO Activity Status Reports. Report requirements and format shall be established by the designated Government Task Lead after award</li> </ul> <br /> <br /> <strong>Requirements: </strong> <ul> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Bachelor’s Degree in CS, IT, or Engineering</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">7+ years experience in IT field; 5+ years consulting experience</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">5+ years experience with NIST and FISMA</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Must have 3+ years experience supporting Federal customers </li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Must have 3+ years demonstrated success serving in ISSO support roles.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Must have CISSP certification</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Must be highly organized and have solid interpersonal skills</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Strong communication skills, listening and writing skills</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Energy, integrity and strong work ethic</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Must have a DoD Secret or Top Secret clearance and be able to obtain a federal government EOD</li> </ul> <br /> <br /> <strong>Desired: </strong> <ul> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Master’s Degree</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Cloud security experience</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">CCSP, CIPP, CAP, CASP/GSLC/CISM/CSM or other industry standard security certifications</li> </ul>  <br />   Solutions By Design II, LLC Washington DC

Information Systems Security Engineer/Issr

Expired Job

DXC Technology