Skip to main content
Full-time, Part-time
Port Hueneme, CA 93041
Updated 30+ days ago
As a Senior ISSE (Information Systems Security Engineer) for Effecture, you will provide cybersecurity support, lab management, technology development support, control system engineering support, cyber programmatic support, and training services. Job Duties:
-Provide full RMF lifecycle support, including, but not limited to, assistance with system security categorization, system security control selection, tailoring, enhancement, compensation and supplementation, system security control assessments and implementation, artifacts, and continuous monitoring support.
-Provide support in operational, technical and process of system A&A packages, to include development and analysis of required policies and other deliverables as required throughout RMF lifecycle.
-Work closely with system owners to guide them through RMF lifecycle of Operational Technology (OT) systems.
-Determine the appropriate information types and identifies applicable security controls based on Confidentiality, Integrity, and Availability impact.
-Assist architects and systems developers in the identification and implementation of appropriate information security control to ensure uniform application of security policy and enterprise solutions.
-Validate and verify system security requirements definitions and analysis to establish system security designs using tools like DoD ACAS, STIGs, SCAP, and Vulnerator.
-Review assessment and authorization (A&A) documentation, providing feedback on completeness and compliance of its content.
-Assess and mitigate system security threats/risks throughout the program life cycle.
-Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations.
-Apply system security engineering expertise in one or more of the following: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security testing.
-Support security authorization activities in compliance with DoD Risk Management Process (RMF) process and other DoD and DoN policies and procedures.
-Participate as a security engineering representative on engineering teams for the design, development, implementation and/or integration of secure networking, computing, and enclave environments.
-Apply knowledge of cyber security policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments.
-Support security planning, assessment, risk analysis, and risk management. Qualifications:
-Active secret clearance.
-Bachelor’s degree in Cybersecurity, Information Technology, Engineering, or related field highly preferred.
-IAT Level II (CISSP, CASP, etc.) required.
-5+ years of experience with the development, review, and approval of Navy RMF A&A/DIACAP C&A packages for software systems and enclaves; Assured Compliance Assessment Solution (ACAS) experience desired.
-Experience with ICS/SCADA systems.
-Experience with DoD Enterprise Mission Assurance Support Services (eMASS) & Vulnerability Remediation -Asset Manager (VRAM).
-Experience with IA/INFOSEC concepts and requirements: Firewall Policy, Ports, & Protocols, Cybersecurity, Cybersafe, DoD A&A processes and standards, etc.
-Experience with the Defense Information Systems Agency published Security Technical Information Guidance (STIG) requirements and compliance process, SCAP Content Checker, Security Readiness Review (SRRs), and other DoD approved tools like Vulnerator.
-Excellent verbal and written communication skills.
-Travel up to 20%. At Effecture an METI company, we understand that our biggest asset is our people and as a small business, we are able to invest in our employees in a unique way. Each day you’ll leave with a sense of pride about what you do, being part of a team that supports the servicemen and servicewomen by working on the tactical network and improving communication. To see an overview of our benefits, please visit Effecture is an Equal Employment Opportunity (EEO) employer. It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.
Posting ID: 649670234 Posted: 2021-10-25 Job Title: Senior Information Security Engineer