Information Systems Security Engineer
The Information Security Systems Engineer is to report to the Program Manager on a cyber security project. The ISSE will interact with system administrators and software product developers to implement information security measures from the beginning of the product development process through to deployment and sustainment. The ISSE is to work primarily in our Centreville, VA facility along with occasional onsite work in the DC, Virginia, Maryland region. The selected candidate will have to maintain a Secret security clearance. The candidate will support a variety of information systems at varying levels of complexity on the classified and controlled unclassified information (CUI) networks. The candidate will travel occasionally and provide some afterhours support.
PRIMARY RESPONSIBILITIES INCLUDE:
* Interface with customers, managers, and other leads to gather requirements, recommend solutions, provide status, and manage issues/requests.
* Work with the Program Manager of cyber security project to manage and maintain the project's Cyber Security responsibilities including contributing to efficient resource planning, improving department standards and processes, and researching Cyber Security solutions to support program objectives.
* Interface with system administrators and software developers to incorporate security within the product from the beginning of the development process.
* Develop and implement information security procedures, system security plans, and POA&Ms for the operation of networked and standalone classified computers systems, as well as coordinating government agency approvals/accreditations.
* Conduct periodic system self-inspections/testing, weekly system audits, media reviews and investigations of computer security incidents, coordinating with other organizations for expertise as needed.
* Consult on the design, development, integration, and analysis of classified and CUI computing systems.
* Perform information system hardening configurations and remediation activities in accordance with company and customer standards.
* Provide customer service to end users of the information systems for cyber security-related requests and issues such as data transfers, user account management activities, software approval requests, end user cyber security training, and others as assigned.
* Assist with product research and testing utilizing open source resources as well as coordination with appropriate vendors.
* Lead the project's Incident Response team.
* IATT II Certification
* Active DoD SECRET Clearance
* Bachelor's Degree in a Cyber Security or Information Technology related discipline. Will consider experience in lieu of a degree.
* 5+ years' experience with DoD Risk Management Framework
* 5+ years' experience with the following:
* NIST 800 Series Special Publications
* Implementing DISA STIGs
* Nessus or ACAS Scanning and Reporting
* SCAP Compliance
* Continuous Monitoring
* Splunk or ElasticSearch
* Amazon Web Services
* Must have solid technical knowledge on configuring, hardening and managing RedHat Enterprise Linux, Microsoft Windows / Server systems.
* Strong interpersonal skills, ability to work autonomously and on a team.
* Strong written communication skills including the ability to document/diagram information systems and procedures, produce RMF accreditation packages, create Cyber Security policies, and generate other security artifacts.
DESIRED QUALIFICATIONS & EXPERIENCE:
* Active TS/SCI
* IAT or IAM III Certification
* Experience supporting RMF for an Army project
* Experience with HP Fortify
* Experience with Openstack virtualization
* Experience with FedRAMP and Cross Domain Solutions
Parsons is a company providing software and hardware products, technical services, and integrated solutions in the defense, intelligence, and critical infrastructure markets.