Information Systems Security Engineer; ISSE Security Clearance

Position: 4193 Information Systems Security Engineer (ISSE) with Security Clearance
OVERVIEW:
We are looking for a dedicated Information System Security Engineer (ISSE) to join our team. This position is part of a talented technical team responsible for the ongoing development, operations and maintenance of several networked systems supporting digital forensic investigations running primarily on Windows and utilizing virtual and cloud environments. The ideal candidate must be a self-starter with strong work habits, is able to complete task independently while working as part of a team and have demonstrated career experience as an ISSO or ISSE and with the Federal ATO process.

GENERAL DUTIES:
* Senior level capabilities regarding Information system security. Knowledgeable of current Information Assurance (IA) technologies to the architecture, design, development, evaluation, and integration of applications, systems, and networks to maintain the system security posture. Develops compliancy and standardization within the customer's policies regarding various information systems. Work closely with Government customers to ensure the confidentiality, integrity, and availability of systems, applications, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs;

infrastructure; application;
Security Assessment and Authorization (SAA), IA policy directives (PD) and guides (PG); and IA Security tools (e.g., Tenable.io, Nessus Pro, NMap, etc.).
* Have excellent verbal and written communication skills to be able to accurately relate requirements and document all within the appropriate security document and/or within the RMF system and coordinate with program, other system(s), and security personnel.
* Prepare documentation from templates such as, but not limited to, Configuration Management Plan (CMP), Incident Response Plan (IRP), Information System Contingency Plan (ISCP), and Plan of Action and Milestones (POA&M) to ensure compliance with customer PDs and PGs and Federal IA requirements as well as coordinate review(s) and approvals.
* Must be able to discern the program policies and procedures, identify areas that need work and bring up to management for resolution.
* Identify IA vulnerabilities and coordinate with the Infrastructure and Development teams to correct, mitigated or apply for an exception via the POA&M processes.
* Review vulnerability (i.e., patches, updates, etc.) and compliance (i.e., Security Content Automation Protocol (SCAP) and/or Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG)) scans on the infrastructure and applications to ensure patch and configuration compliance (on-premises and in the cloud (Azure preferred))
* Prepares SAA package(s) to obtain and maintain an authority-to-operate (ATO), authority-to-test (ATT), or other SAA authority types for all systems and applications.
* Attend Configuration Control Board (CCB) meetings and review all change requests for impact to the system/application security posture(s) and applicable Federal and customer PD and PG compliance requirements; and document decisions within the CMP.
* Coordinate security incident and high priority compliance responses with the Enterprise Security Operations Center (ESOC).
* Represent program security interests in various meetings within and outside of the program.
* Schedule and conduct meetings with pertinent program personnel to address findings to determine appropriate path forward and document within the CMP and, if necessary, POA&M.
* Coordinates with other system Information System Security Officers (ISSO) to ensure that their requirements for interconnection, policy and procedures are met and all documentation is provided and updated as necessary.
* Ability to assess current and evolving security threats in an operational environment.
* With an appropriate amount of Government PM guidance, works independently to carry out all technical requirements as directed by the Government PM, Information System Security Representative, Information System Security Manager, and Authorizing Official in a timely manner.

REQUIRED QUALIFICATIONS:

* Ten (10) years…