Information Systems Security Engineer
Job Description
JOB PURPOSE
We are currently seeking an Information Systems Security Engineer II to implement security measures and ensure that all cybersecurity practices align with Department of Defense (DoD) standards and other regulatory requirements across Ballistic Missile Defense C4I software, hardware, and Program of Record (POR) systems. This role requires a hands-on approach to the practical application of the cybersecurity strategies formulated by the Information Systems Security Officer. Responsibilities include assisting in the deployment of security updates and patches, managing the configuration of security tools, and supporting the overall maintenance of the cybersecurity infrastructure, ensuring that the organization's network and data remain secure and compliant.
JOB RESPONSIBILITY SUMMARY
- Execute cybersecurity strategies and initiatives as directed by the project's Information Systems Security Officer (ISSO), focusing on the deployment of security solutions.
- Regularly report to the ISSO and management on the effectiveness of security measures and ongoing security projects, providing updates and recommendations as needed.
- Conduct regular security assessments and audits to identify vulnerabilities within the system and oversee the implementation of corrective actions.
- Conduct STIG assessments on systems and networks to ensure DoD compliance, implementing essential modifications to maintain security without affecting performance.
- Manage the lifecycle of vulnerability assessments with ACAS tools, from creating scan zones to updating plugins and running non-disruptive scans, while promptly remediating vulnerabilities and reporting details to DoD agencies.
- Collaborate with various departments to ensure the strict implementation of security policies and adherence to regulatory compliance standards.
- Utilize eMASS to manage RMF artifacts, ensuring cybersecurity controls are accurately documented, assessed, and authorized in line with DoD standards.
- Oversee and integrate Trellix products within the Ballistic Missile Defense security framework and provide detailed explanations of their functionality and management to team members and customers.
- Work closely with system administrators and network team to ensure that security measures are seamlessly integrated into the technological infrastructure and processes.
REQUIRED KNOWLEDGE, SKILLS, & ABILITIES
(To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skills, and ability required.)
Licensure/Credentials Required:
- Candidate must be a US Citizen
- This position requires an existing U.S. Government DoD granted security clearance/eligibility at the final Secret level. Individual must be able to maintain the necessary security clearance/eligibility for employment. U.S. Citizenship is required.
- Must currently possess a Security+ certification (DoD Cybersecurity Workforce (CSWF) Information Assurance Technician (IAT) Level 2) or can obtain it within six months of employment
Required Experience:
- At least 7 years of experience in cybersecurity, with a proven track record of managing security systems and teams
- Strong understanding of cybersecurity frameworks such as NIST and ISO 27001 and adherence to DoD regulations and standards
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar advanced security certifications
- DoD IAT Level II certified
- Ability to work in a team-oriented, collaborative environment
- Strong problem-solving skills and ability to prioritize and execute tasks in a high-pressure environment
- Excellent communication and interpersonal skills
Preferred Education:
- Bachelors in related field (i.e. networking, computer science, cyber security) preferred
Preferred Experience:
- CompTIA Linux+ certification
- CompTIA Network+ certification
- Experience with PowerShell, SQL, SCAP, ACAS, VMware/vSphere, and network management tools such as Nagios, Wireshark, SolarWinds
Equal Opportunity Employer – minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity.
*Please mention you saw this ad on DiversePositions.*
