Senior Information Systems Security Engineer

Senior Information Systems Security Engineer

Altamira delivers a variety of analytic and engineering capabilities to the US National Security community, but the tech culture and the caliber of the individuals that bring these capabilities to fruition are what really set us apart. Our Dayton, OH office is highly focused on the Space-based mission set with a heavy emphasis on sensor exploitation and analysis; Tampa, FL focuses on 'art-of-the-possible' analytics of all kinds with an emphasis on graph technologies, NLP, and wrangling complex data sets; and all forces converge at our headquarters in the Northern Virginia/Washington DC area where we host our tech events and support engineering and analytic missions across several IC and DOD agencies.

While our work occurs in different states and different mission domains, we've got analytics at the heart of every operation and genuine curiosity for new methods, techniques, and solutions. Our specialties are data science and analytics, data engineering, software engineering, and end-to-end analytic solutions architecture. We've also got some awesome benefits like the Altamira Healthy Living program, with ongoing competitions and a flexible spending stipend for health and wellness-related items.

Location(s): Chantilly, VA

The Role: An Altamira Information Systems Security Engineer will provide support to design, develop, and maintain the client's systems compliance with ICD 503 requirements. This also includes advising and assisting the client with security and network accreditations; providing the client with a working understanding of the latest networking communications and protocols, server technologies, application technologies, and security vulnerabilities; organizing and maintaining awareness of both physical and logical placement of network nodes within a network; identifying software components that fulfill mission requirements; and translating a network's technology requirements into usable solutions. Prepare and maintain documentation for specified networks that provide a reference for users to understand the established restrictions associated with those specific networks. Develop and maintain System Security Plans (SSP) to meet ongoing security requirements. Ensure approved SSPs are kept up to date as changes are made to the networks.

Implement security requirements and ensure compliance with the client's Information System Security Manager (ISSM) approved SSPs for all networks. This includes: establishing or utilizing existing access control mechanisms; defining and configuring the appropriate firewall settings; conducting intrusion detection and prevention; conducting vulnerability scanning; conducting anti-virus management; and conducting the necessary incidence response actions in accordance with client security policies.

Exercise robust network oversight that incorporates rigorous compliance, privacy and data security standards and achieves the following objectives:

• Secure network. High network availability.

• High functionality and usability.

• High network performance.

• Low infrastructure cost and risk.

• Complete record of ongoing network changes to include activity logging and auditing.

Required Experience in several of the following areas:

• Securing mission systems through the ICD 503 process for security risk management, certification, and accreditation.

• Securing and monitoring Microsoft Windows desktop and server in a secure IT environment including one or more of Windows 7, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016.

• Securing and monitoring Linux & Microsift Windows desktops, servers, and other devices.

• Securing and monitoring Macintosh devices.

• Applying Risk Management Framework controls to systems with successful authorization of those systems

• Use of system authorization workflow tools including advising on how to navigate those tools and assisting projects with steps needed to complete authorization

• Xacta or Greenlight 360 compliance and risk assessment application tool

• Rapid7 scanning and vulnerability remediation

• NMAP scans

• Splunk Administration knowledge and skills

• Securing and monitoring enterprise level Cisco network devices.

• Securing and monitoring enterprise level Cisco VOIP devices.

• Securing and monitoring enterprise level Cisco VTC devices.

• Administering, securing and monitoring enterprise level Windows and Linux network infrastructures

Desired Experience:

• Certified Information Systems Security Professional (CISSP) Certification(s).

• Certified Splunk Administrator

Your quals:

• TS/SCI w/FSP

• Bachelor's Degree or Master's degree in a relevant field.

• Minimum of eight (8) years of experience providing support in the respective disciplines.