Title: | System Security Engineer (ISSO) |
---|---|
ID: | 1413 |
Location: | Quantico, VA |
Job Responsibilities:
- Secure certifiable infrastructure, core services, and application and ensure the security is maintained, and vulnerabilities are mitigated, in compliance with DOJ/FBI/CODIS requirements.
- Implement and maintain Defense-in-depth to include integrity, availability, authenticity, confidentiality, and non-repudiation of information. Identify security incident ranging from suspicious activity to security violations and ensure prompt reporting to the Government.
- Where necessary, implement security countermeasures to protect the integrity of information assets
- Diagnose the underlying drivers of performance gaps and security postures of the system
- Ensure that infrastructure continually meet or exceed current compliance rating which is base on the FBI/CODIS security inspections or FISMA programs and requirements
- Ensure security is included and considered from system initiation until disposal
- Enable consistent, comparable, and repeatable assessment of IT security controls in accordance with DOJ/FBI/CODIS IT requirements
- Promote a better understanding of FBI/CODIS-related mission risks resulting from the operation of IR systems and their security and IA to all CODIS personnel and end users
- Support consistent, well-information and ongoing authorization decision through continuous monitoring, transparency of security, and risk management-related information
- Ensure all systems within the CODIS accreditation boundary meet or exceed all defined CODIS security accreditation requirements and comply with the processes defined in the CODIS Configuration Management Plan
- Coordinate daily (federal workdays) with CODIS management and information security personnel on I and security policies, procedures, issues, problems, risks and incidents
- Review Government policies and processes looking to improve efficiency in the creation, review and submission of security assessment and authorization packages reducing the time to achieve ATO and maintain a continuous monitoring process.
- Perform operation system, application, hardware/infrastructure, etc. hardening using DISA Security Technical Implementation Guidelines (STIGs) and/or SRGs as applicable for all appropriate systems within the CODIS accreditation boundary.
- Respond to 24x7x365 mission critical incident defined by CODIS Operations PM, onsite or remotely, within a (2) two-hour window from being notified by the COR/CO
- Preferred Education: Bachelor’s degree in system engineering, Computer Science, Information Systems, Engineering Science, Engineering Management, or a related discipline
- Minimum of at least one (1) certification must be active relating to information security such as: Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC) security certification (e.g. GCIH, GWAPT, GPEN, GSLC, etc.), or CompTIA Security +.
- Minimum of three (3) years of demonstrated experience in the Information Security (Cybersecurity or Information Assurance) field including:
- Knowledge of developing, maintaining, and managing Security Authorizations and Assessments packages
- Experience with developing and managing Plans of Action & Milestones (POA&Ms)
- Displays technical experience with conducting research and providing review recommendations on software and technologies for vulnerabilities.
- Technical experience with reviewing vulnerability scans and providing mitigation techniques.Experience in conducting annual assessments.
- Possess experience developing and testing Contingency Plans.
- Experience with conducting audit log reviews.
- Experience with NIST Special Publications and guidance.
- Minimum of three (3) years of working experience with the latest version of Microsoft Office Suite (Word, Excel, and PowerPoint) and SharePoint (User).
- At least secret level security clearance
Data Intelligence, DI is an established small business that has supported the critical missions of our government clients since 2005. We provide full life cycle system development, systems engineering, cybersecurity, and supporting analytical and logistics support to C4ISR and other complex systems. We are an equal opportunity employer that offers competitive salaries, comprehensive benefits, a team-oriented environment, and opportunities for advancement. Our excellent employee retention record reflects our employee focus. We work with Veteran’s organization to proactively hire those who have served our country. We offer medical, dental and vision insurance, 401k, PTO and 11 paid holidays.
Data Intelligence is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.