Information Security System Engineer

Canfield Cyber Defense Group is looking for an experienced information security system engineer to support an upcoming contract with the Defense Information Systems Agency. This position will provide independent validation and verification to ensure that DISA capabilities are following policy, such that the capabilities are cyber secured.

Please note that this position is contingent upon contract award.

• 10years of specialized experience in the field of information systems securityengineering.
• Holdan active Secret clearance.
• Information Assurance Systems Architect and Engineer (IASAE) Level III certified in accordance with DoD 8570.01-M
• Expert knowledge of information security architectures and infrastructure including network designs, web services, application services, databases, directories,cloud technologies, virtual environments.
• Strong background in cybersecurity DoD standards;e.g. National Institute of Standards and Technology (NIST) Special Publications (SP), DoD Memorandums, Security Technical Implementation Guides (STIGS), Committee on National Security Systems(CNSS), DoD Instructions, Internet Engineering Task Force (IETF), Risk Management Framework (RMF) and other DoD and commercial standards.
• Capableof communicating cybersecurity policies and principals at all levels of the organization; prepare/present briefings to senior management officials oncomplex Information Security issues.
• Ableto collaborate closely with systems engineers, developers, contractors, program management offices to mitigate design risks and to recommended solutions toaddress security flaws identified in system designs. Evaluate and provide oversight on securityarchitectures and design requirements in all phases of the system life cycles.
• Demonstratedexpertise in bridging the gap between high level DoD and Commercial security policies and best practices to the technical and operational implementation ofthose requirements. Focus on porting requirements to cutting-edge technologies such as Docker Containers, Infrastructure as a Service (IaaS), etc.
• Capable of utilizingengineering experience to develop robust technical solutions and identifysecurity tools to aid mitigating security vulnerabilities and creatingrepeatable processes.
• Able to provide feedback on the STIG recommendations identified by the material developer.
  
  Ensure that the developer understands the requirements and the proposed designis compliant with requirements identified in these STIGs.
• Capable to leadand conduct Security Engineering Reviews (SERs) for the purposes of verifying all IA aspects of the design and ensuring the developer understands the requirements.
• Experienced in conducting analysis of software for risk assessment and approval into the software baseline (Open Source Software (OSS), commercial off the shelf (COTS),reuse of government off the shelf (GOTS), freeware, shareware, mobile code).
• Experience inparticipating in the Cybersecurity Validation Hot Washes, Cybersecurity Team meetings, and the Cyber Security Assessment Readiness Review (CSARR) meetings.

Attach Resume *