* Maintains current system/service ICD 503/Risk Management Framework compliance.
* Provides ICD 503/RMF compliance to future security service designs.
* Completes Assessment and Authorization (A&A) activities.
* Creates security classification guides.
* Interfaces with external organizations on security infrastructure services, security engineering, and operational requirements.
* Reviews information systems throughout lifecycle for compliance with federal security guidelines.
* Produces A&A documentation, to include system security plans, traceability matrices, test plans, user security guides, etc.
* Assists with program protection support activities.
* Collaborates with other entities within the organization on supporting information assurance goals and objectives.
* Conducts and reports risk assessments, plan of action and milestones (POA&M), and concept of operations (CONOPS) to support threat assessments and vulnerability analysis.
Prerequisites: / Qualifications:
The Information Security Engineer Sr. must have a minimum of 5 or more years of information security engineering experience. For 8570 compliance, must be able to obtain a CAP, GSLC, CISM, CASP or CISSP within 6 months.
The candidate should have experience in the following areas:
* Ability to understand various computer architecture, software applications and operating systems.
* Solid working knowledge of network security architecture.
* Understanding of trusted systems and their applications.
* Ability to apply information systems security engineering, security services and mechanism, threats and vulnerabilities to systems.
* Good technical problem-solving skills.
* Communications and teamwork skills.
* Experience with Risk Management Framework six-step A&A process.
* Knowledge of applicable IC/DoD IA policies and NRO policies, directives and standards, to include ICD 503 and NIST SP 800 series.
* Work to be performed in the Herndon/Chantilly, VA area*
* U. S. Citizen.
* TSSCI with Polygraph Required. Must have an active or re-instatable TS/SCI/TK and CI Polygraph or Lifestyle Polygraph.
Job ID 1930697 Date posted 07/02/2019
AT&T is a provider of telecommunications, media, entertainment, and technology services for consumers, content creators, distributors, and advertisers.