The Information Systems Security Engineer (ISSE) performs standard project tasks to analyze information security requirements, translate these into security designs, implements these designs, and tests effectiveness. Has working knowledge of standard information security products including firewalls, intrusion detection systems, anti-virus systems, vulnerability testing, and security analysis tools.
The candidate must have the ability to operate effectively under pressure adhering to the ProSol Core Values of Agility: rapid adaptation to the changing requirements and environment of our clients; Excellence: Service quality that exceeds the expectations of our clients; Integrity: Accountability and honesty-always doing the right thing; and Long-Term Commitment: Unquestioned loyalty and dedication to our clients, partners and employees.
* Perform Information Systems Security Engineer (ISSE} functions and role to bridge the gap between high level security policies/requirements and technical/operational implementation of requirements.
* Provides support for a system or enclave's information assurance program through security authorization activities in compliance with Risk Management Framework (RMF).
* Provide vulnerability/risk assessment analysis to support Assessment & Authorization (A&A}.
* Maintain operational security posture for an information system or program
* Maintain records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc. to include system upgrades.
* Provide CM analysis for security-relevant information system software, hardware, and firmware.
* Assist with the management of security aspects of the information system and perform day-today security operations of the system.
* Determine information security measures implementations for operational systems and systems under development.
* Coordinate corrective actions to remediate system vulnerabilities.
* Develop security artifacts and Risk Management Framework (RMF) packages.
* Develop technical solution and recommend new security tools to help mitigate security vulnerabilities and automate repeatable tasks
Knowledge, Skills and Abilities:
* Experience with RMF, CNSSI 1253, NIST SP 800-53.
* Experience with Security Technical Implementation Guides (STIGs}.
* Experience with applying security compliance configurations to various types of Operating Systems (OS}.
* Experience with configuring and using vulnerability assessment tools such as Nessus Security Center and other scanning applications
* Experience with Security Content Automation Protocol (SCAP} Compliance Checker (SCC}s
* Experience with SIEM applications such as Splunk and ArcSight
* Knowledge and experience with the Risk Management Framework (RMF} process.
* Supports changes to IT systems and assesses the security impact of those changes.
* Experience functioning in an operational IT role with exposure to diverse IT architectures, demonstrating progressive growth of skills and responsibility.
* Experience completing or managing to completion projects/tasks/deliverables with minimal supervisory oversight.
* Advanced understanding of IT operations techniques.
* Advanced writing skills: able to clearly articulate ideas for executive level as well as technical staff consumption.
* Advanced Problem-solving skills: able to use prior experience and knowledge to address new situations; especially during interactions with clients.
* Advanced Analytical skills: able to use prior experience and knowledge to seamlessly incorporate new knowledge or information during client interactions
* Advanced Communications skills: able to work well with others, independently and as part of a team.
* Intermediate presentation skills: able to interview engineers on technical subject matter as well as brief executive level stakeholders.
* Strong understanding of information security principles and risk assessment techniques.
* Experience with radio telecommunications systems
Education and Experience:
* Required Certifications: CISSP
* Desired: ISSEP, CRISC, CASP, Security+ CE or CCNA
* Microsoft and/or Linux Certifications
Clearance: Top Secret; with ability to be read-in SCI
Work environment: Work is primarily performed in an office. Typically, employees sit comfortably to do their work, interspersed by brief periods of standing, walking, bending, carrying papers and books, and extensive periods requiring the use of computer terminals to accomplish work objectives.
Work days: Monday Through Friday; On-site
Work Hours: Core hours: 8:00 am - 4:00 pm
The above information on this description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.
ProSol is an equal opportunity employer, all interested qualified applicants are encouraged to apply, EEO/D/M/V/F. ProSol welcomes and encourages diversity in the workforce. All your information will be kept confidential according to EEO guidelines.