Information Systems Security Engineer; ISSE ; Government Security Clearance

Position: Information Systems Security Engineer (ISSE I) (Government) with Security Clearance
AT&T Global Public Sector is a trusted provider of secure, IP enabled, cloud-based, network solutions and professional services to the Federal Government. We are dedicated to recruiting, developing and empowering a diverse, high-performing workforce that is passionate about what they do, committed to our shared values and dedicated to our customers' mission. The scope of this Contract requires specialized expertise in areas such as high-performance computing (HPC), automated processing systems, distributed software design, and secure hosting and networking solutions.

The IT infrastructure consists primarily of Linux. The environment includes a variety of network devices, server interconnections, mass storage solutions, and essential supporting infrastructure services. The services provided under this Contract support areas including HPC, infrastructure maintenance for HPC systems, networking, office automation, and the development of specialized software. AT&T has an opening for an Information Systems Security Engineer to support information assurance programs and ensure the security posture of mission critical systems.

The ISSE will play a key role in supporting security authorization activities in alignment with program and government requirements. Description of

Job Duties /Responsibilities:
The Information Systems Security Engineer (ISSE) supports the engineering, assessment, and authorization of secure information systems and enclave environments. This role conducts technical security assessments to identify vulnerabilities and non-compliance with Information Assurance (IA) requirements; validates security requirements; and contributes to secure-by-design solutions across networking, computer, and multi-enclave architectures with varying data protection and classification needs. The ISSE partners with system architects, developers, and stakeholders to ensure consistent application of security policy and enterprise solutions and supports risk management activities throughout the system life cycle in alignment with DoD and IC security frameworks.

Key Responsibilities:

* This position requires office presence a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered. Work to be performed at government customer site.

* Perform and/or review technical security assessments to identify vulnerabilities, weaknesses, and non-compliance with IA standards; recommend and track mitigation strategies.

* Validate and verify system security requirements and contribute to security requirements definition and analysis.

* Establish and support system security designs for networking, computing, and enclave environments, including multi-enclave solutions with differing data protection/classification needs.

* Design, develop, implement, and/or integrate security controls and security-relevant system components into operational environments (secure-by-design/secure-by-default).

* Partner with architects and system developers to identify and implement appropriate security functionality that aligns with agency policy and enterprise solutions.

* Support the development of security architectures and enforce trusted relationships among external systems and architectures.

* Assess and mitigate system security threats and risks across the program and engineering life cycle.

* Support security planning, assessment, risk analysis, and risk management activities for system and network operations.

* Review certification and accreditation / authorization documentation and provide feedback on completeness and compliance.

* Support security authorization activities in compliance with NSA/CSS NISCAP, DoD RMF, and the NIST RMF, as well as applicable NSA/CSS security engineering business processes. Technical Skills and Tools:
* Risk Management Framework (RMF) knowledge, including end-to-end RMF process execution, Authority to Operate (ATO) support, security control implementation/assessment, and continuous monitoring.

* Experience with RMF tools such as LATTEART, XACTA, BISCOTTI, WATCHCAT, and STE.

* Familiarity with NIST guidance, including NIST SP 800-53 (Rev. 5 and/or Rev.
3) and NIST SP 800-37, and applying security controls to system and network environments.

* Hands-on experience supporting Assessment & Authorization (A&A), including security control traceability, boundary definition, artifacts and body of evidence (BoE), and documentation quality/completeness reviews.

* Experience implementing technical security requirements, including STIG implementation, false positive validation, patch management, and technical validation activities.

* Knowledge of IA principles (confidentiality, integrity, availability, non-repudiation, and access control).

* Understanding of security engineering across the system development life cycle (requirements, design, integration, testing, and sustainment).

* Experience contributing to secure system and network design (e.g., enclave environments, system integration, and trusted…