Information Systems Security Engineer II

ISSE II RoleSALARY RANGE $165,000 - $225,000/year DUTIES As a successful candidate for the ISSE II role, you will perform and review technical security assessments of computing environments to identify vulnerabilities and non-compliance with established Information Assurance (IA) standards, recommending effective mitigation strategies. You will validate system security requirements, support secure system design, and design, develop, implement, and integrate IA and security solutions across networking, computing, and multi-enclave environments with varying data protection requirements. You will embed security controls into operational systems, assist architects and developers in aligning solutions with Agency security policies, and support the development and enforcement of trusted system architectures. You will assess and mitigate security risks throughout the system life cycle, contribute to security planning, risk management, certification, and awareness activities, and review certification and accreditation documentation for completeness and compliance. You will apply system security engineering expertise across areas, including cross-domain solutions, cryptography, identification and authentication, intrusion detection, incident handling, configuration management, auditing, and security testing, and support security authorization activities in accordance with NSA/CSS NISCAP, DoD, and NIST RMF, and prescribed NSA/CSS security engineering processes. Required SkillsParticipate as a security engineering representative on engineering teams for the design, development, implementation, and/or integration of secure networking, computing, and enclave environments Participate as a security engineering representative on engineering teams for the design, development, implementation, and/or integration of IA architectures, systems, or system components Participate as the primary security engineering representative on engineering teams for the design, development, implementation, evaluation, and/or integration of secure networking, computing, and enclave environments Apply knowledge of IA policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments Interact with the customer and other project team members Participate as the primary security engineering representative on engineering teams for the design, development, implementation, evaluation, and/or integration of IA architectures, systems, or system components Support the Government in the enforcement of the design and implementation of trusted relationships among external systems and architectures Support security planning, assessment, risk analysis, and risk management Identify overall security requirements for the proper handling of Government data Provide security planning, assessment, risk analysis, and risk management Perform system or network designs that encompass multiple enclaves, including those with differing data protection/classification requirements Recommend system-level solutions to resolve security requirements Support the Government in the enforcement of the design and implementation of trusted relationships among external systems and architectures QualificationsFourteen (14) years of experience as an ISSE on programs and contracts of similar scope, type, and complexity is required. A bachelor's degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline from an accredited college or university is required. Four (4) years of ISSE experience may be substituted for a bachelor's degree. Help plan and coordinate the IT security programs and policies Provide support for a program, organization, system, or enclave's information assurance program Provide security guidance and support to system developers, administrators, and owners Provide guidance and support for directed changes related to security Assess the security impact of changes to the system Help maintain the Security documentation, such as SSPs Conduct security assessments on systems in support of system authorization Support AO/DAO, SCA, and ISSM on system Assessment and Authorization (A&A) duties to obtain and maintain ATOs Conduct daily review of and respond to security-related tickets Utilize COTS/GOTS to communicate system status and compliance CertificationsDoD 8570.01-M compliance with IASAE Level 2 is required. CISSP Certification is required. Desired SkillsWindows or Linux System Administration Network Administration AWS An audit reduction and analysis tool such as Splunk A vulnerability scanner such as Nessus Xacta, LatteArt