Information Security Systems Engineer (ISSE)

About The Position

Requirements

• Bachelor’s Degree and a minimum of 4 years of prior relevant experience or Graduate Degree and a minimum of 2 years of prior related experience. 8+ years of prior related experience may be substituted in lieu of a degree
• DOD 8140 certification (or NIST 800-181), appropriate for the position (e.g., Sec+, SecX, CISSP)
• Candidate must possess an active TS/SCI clearance
• US citizenship required

Nice To Haves

• Familiarity with IBM AIX, Cisco and Juniper networking equipment operating systems, Palo Alto firewalls, and VMware vCenter.
• Experience in configuration and use of cyber defense and vulnerability assessment tools such as ACAS, SCC and ESS.
• System testing and evaluation methods and RMF assessment methodology & process.
• Experience applying DISA System Technical Implementation Guides (STIGs) to Operating Systems, Applications, Network devices
• Proficiency with Linux and Windows based operating systems
• Previous experience in Systems or Network Administration, including NIPR/SIPR experience
• Familiarity with scripting and automation (languages vary - Python, MATLAB, BASH, etc)
• Proficiency with Microsoft Office Product Suites: Excel, Word, PowerPoint, Visio
• Ability to work independently as well as in a team environment
• Knowledge of Space Domain Awareness/Command and Control (SDA/C2) mission

Responsibilities

• Execute security requirements, documentation, and risk mitigation strategies.
• Comply with CNSSI 1253, DoDI 8510.01 Risk Management Framework Accreditation Process.
• Conduct ACAS (Assured Compliance Assessment Solution) vulnerability scans using Nessus Security Center, manage scan profiles, update plugins, and troubleshoot issues as needed.
• Perform annual control assessments using established test procedures to validate security controls are functioning as intended.
• Develop, track, and manage Plans of Action & Milestones (POA&Ms) for identified security weaknesses and deficiencies.
• Prepare and submit quarterly security status reports to stakeholders, documenting POA&M progress and ongoing security activities.
• Perform continuous monitoring activities, document completion of required tasks, and report any findings.
• Conduct weekly audit log reviews to identify security events including failed authentication attempts, privilege escalation, unusual activity patterns, and atypical usage.
• Conduct monthly reviews of user accounts to identify and disable inactive accounts in accordance with security policies.
• Perform annual validation of user access privileges and role assignments in coordination with supervisors to ensure appropriate access levels and enforcement of separation of duties.
• Serve as primary incident handler for all security incidents, following established operating procedures and escalation protocols.
• Assist with patch management including application of patches and verification of successful deployment to ensure timely remediation of vulnerabilities.
• Maintain comprehensive understanding of system architecture, components, data flows, interconnections, and security categorization.
• Coordinate Interconnection Security Agreements (ISAs) for external connections and ensure proper documentation in Security Plans and Risk Assessments.
• Follow Configuration Management Plan (CMP) procedures for all system changes and document security impacts of modifications.

Benefits

• Health, Dental and Vision Insurance
• HSA or FSA accounts
• Company paid ST/LT Disability and AD&D insurance
• Paid Federal Holidays
• Paid Vacation Leave and Sick Leave
• 401k with company match
• Supplemental Insurance options like AFLAC
• Education Assistance
• Voluntary Life Insurance