Information Systems Security Engineer (ISSE), SME

About The Position

Requirements

• Active TS/SCI clearance with Polygraph.
• Bachelor of Science degree in Computer Science, Information Assurance, Information Security System Engineering or related field.
• Minimum of 20 years of experience as an Information Systems Security Engineer (ISSE) or System Engineer.
• CISSP OR CASP certification required.
• Strong writing skills.
• Ability to present briefings to senior level DoD officials.
• Expertise in the Risk Management Framework (RMF) and conducting cybersecurity risk assessments.
• Expertise in network technology and systems security engineering.
• Experience in identifying, researching, characterizing, and documenting security weaknesses.
• Experience developing and documenting system security requirements and conducting requirements gap analysis.
• Experience with security monitoring and incident response capabilities.
• Experience with emerging technologies such as Zero Trust and Cloud Computing.
• Knowledge of NIST Special Publications 800 Series, CNSSI 1253, and DoD 8500.
• Ability to work independently within a schedule and with little direction.

Nice To Haves

• Experience with JEE (EJB, JPA, JTA, JAX-B, JAX-RS, JAX-WS), SQL, application servers (Tomcat, WebLogic, JBoss), scripting.
• Experience with high level requirements management including requirements decomposition, secure systems engineering and development.
• Experience in software development on Agile teams using Agile Developer practices.
• Experience with FITNesse, Mockito, Cucumber, Unified Functional Tester (UFT), Selenium.
• Experience with Behavior Driven Development (BDD).
• Secure Software development (i.e., Layer 7 Policy).
• Experience with the Scaled Agile Framework (SAFe) methodology, SAFe Agilest Certification, or experience as a member of an agile team.
• Additional experience in J2EE, Python, C/C++, SQL, SOAP, WSDL, Postgres, Oracle, Mongo, PowerShell.

Responsibilities

• Conduct cybersecurity risk assessments and provide prioritized risk mitigation recommendations.
• Support the design, implementation, and operation of real-time capabilities to discover, detect, analyze, and mitigate threats and vulnerabilities.
• Analyze candidate architectures against defined security requirements to identify security gaps.
• Research and evaluate candidate emerging technologies for cybersecurity effectiveness.
• Aid stakeholders in the development, refinement, delivery, and implementation of innovative solutions.
• Engage stakeholders to define security objectives, protection needs, and validation methods.
• Validate and verify system security requirements definitions and analysis.
• Design, develop, implement, and/or integrate IA and security systems and components.
• Assist architects and systems developers in implementing appropriate information security functionality.
• Contribute to security planning, assessment, risk analysis, risk management, and certification activities.
• Review C&A documentation for completeness and compliance.

Benefits

• Highly Competitive Health Care Premiums, including 100% employer paid for employee.
• Flexible Spending Accounts for Medical and Dependent Care.
• Generous PTO and Federal Holiday Paid Leave.
• Employer Paid STD/LTD.
• Employer Paid Life Insurance.
• 401K plan and Employer Match.
• Referral and Opportunity Referral Programs.
• Professional Development Assistance.