The job below is no longer available.
Similar available jobs
in Chantilly, VA
Est. $14.63 - $22.69 Full-time Merrifield, VA 22082 Urgently Hiring
Full-time Merrifield, VA 22082 Urgently Hiring Est. $59.52 - $85.32 Full-time Burke, VA 22009 Urgently Hiring Est. $30.33 - $52.13 Full-time Fairfax station, VA 22039 Urgently Hiring
Full-time Merrifield, VA 22082 Urgently Hiring Est. $16.10 - $21.08 Full-time Merrifield, VA 22082 Urgently Hiring Est. $30.33 - $52.13 Full-time Merrifield, VA 22082 Urgently Hiring
IT Security Analyst
Est. $37.53 - $62.07 Full-time Fairfax station, VA 22039 Urgently Hiring
IT Security Engineer
Est. $30.33 - $52.13 Full-time Merrifield, VA 22082 Urgently Hiring
Information Systems Security Engineer (ISSE) - Full-time
Chantilly, VA 20153
30 days ago
$49 per hour
About this job
The job duties of the Information System Security Engineer (ISSE) are as follows:
- Responsible for the implementation of the National Institute of Standards and Technology (NIST) Special Publication 800-37, Guide for Applying the Risk Management Framework (RMF) Steps 1-3 for assigned information systems/assets. Each ISSE will be assigned as Primary and alternate on average for 4-7 systems depending on the complexity of the system. As a Primary ISSE, responsible for leading the asset RMF team and submitting weekly status reports. Daily tasks would be dependent on which RMF Step the assigned system is currently in.
- Step 1 - Categorize, by determining the criticality of the information and system according to potential worst-case, adverse impact to the organization, mission/business functions, and the system.
- Step 2 - Select security controls (NIST SP 800-53, Security and Privacy Controls for Information Systems and Organizations) starting with the appropriate baseline using categorization output from Step 1 to apply tailoring guidance as needed based on risk assessment.
- Step 3 - Implement security controls within enterprise architecture and systems using sound system security engineering practices (see SP 800-160); apply security configuration settings.
- Supports the Information System Security Manager & Information System Security Engineer Lead.
- Coordinates with the Information System Security Analysts, and system administrators for control implementation and Plans of Actions and Milestones (POA&Ms) closeout requirements.
- Coordinates with Information System Security Officers and other teams as required for continuous monitoring activities required for assigned information systems/assets.
- Ensures systems designs support incorporation to customer continuous monitoring solutions (i.e., Vulnerability Alerts, Splunk, Enterprise Scanning, etc.
- Required to become proficient on the Customer's Assessment and Authorization tool to track and document the RMF steps.
Required Skills, Experience, and Education:
- Candidate must have 10 years of experience that can be a combination of work history and education. This equates to:
- Doctorate and 3 years of experience; OR
- Masters and 4 years; OR
- Bachelors and 6 years; OR
- Associates and 8 years; OR
- HS and 10 years.
- Must have certifications to meet minimum requirements for DoD 8570 IAT Level 2 certification requirements; level 3 requirements are acceptable as well. Level II certifications must be obtained within six (6) months:
- Certified Network Defender (CND)
- COMPTIA Cybersecurity Analyst (CYSA+)
- COMPTIA Security+
- GIAC Security Essentials (GSEC)
- Global Industrial Cyber Security Professional (GICSP)
- Implementing and Administering Cisco Solutions (CCNA)
Systems Security Certified Practitioner (SSCP)
Required Clearance: Active TS/SCI, with CI Poly.