The job below is no longer available.

Similar available jobs

in Chantilly, VA

$49 per hour
About this job

The job duties of the Information System Security Engineer (ISSE) are as follows:

  • Responsible for the implementation of the National Institute of Standards and Technology (NIST) Special Publication 800-37, Guide for Applying the Risk Management Framework (RMF) Steps 1-3 for assigned information systems/assets. Each ISSE will be assigned as Primary and alternate on average for 4-7 systems depending on the complexity of the system. As a Primary ISSE, responsible for leading the asset RMF team and submitting weekly status reports. Daily tasks would be dependent on which RMF Step the assigned system is currently in.
  • Step 1 - Categorize, by determining the criticality of the information and system according to potential worst-case, adverse impact to the organization, mission/business functions, and the system.
  • Step 2 - Select security controls (NIST SP 800-53, Security and Privacy Controls for Information Systems and Organizations) starting with the appropriate baseline using categorization output from Step 1 to apply tailoring guidance as needed based on risk assessment.
  • Step 3 - Implement security controls within enterprise architecture and systems using sound system security engineering practices (see SP 800-160); apply security configuration settings.
  • Supports the Information System Security Manager & Information System Security Engineer Lead.
  • Coordinates with the Information System Security Analysts, and system administrators for control implementation and Plans of Actions and Milestones (POA&Ms) closeout requirements.
  • Coordinates with Information System Security Officers and other teams as required for continuous monitoring activities required for assigned information systems/assets.
  • Ensures systems designs support incorporation to customer continuous monitoring solutions (i.e., Vulnerability Alerts, Splunk, Enterprise Scanning, etc.
  • Required to become proficient on the Customer's Assessment and Authorization tool to track and document the RMF steps.

Required Skills, Experience, and Education:

  1. Candidate must have 10 years of experience that can be a combination of work history and education. This equates to:
  • Doctorate and 3 years of experience; OR
  • Masters and 4 years; OR
  • Bachelors and 6 years; OR
  • Associates and 8 years; OR
  • HS and 10 years.
  1. Must have certifications to meet minimum requirements for DoD 8570 IAT Level 2 certification requirements; level 3 requirements are acceptable as well. Level II certifications must be obtained within six (6) months:
  • Certified Network Defender (CND)
  • COMPTIA Cybersecurity Analyst (CYSA+)
  • COMPTIA Security+
  • GIAC Security Essentials (GSEC)
  • Global Industrial Cyber Security Professional (GICSP)
  • Implementing and Administering Cisco Solutions (CCNA)

Systems Security Certified Practitioner (SSCP)
Required Clearance: Active TS/SCI, with CI Poly.