Information Systems Security Engineer; ISSE

Overview

Information Systems Security Engineer (ISSE)

K ’s National Security Solutions team provides high-end engineering and advanced technology solutions to our customers in the intelligence and national security communities. In this position, your work will have a profound impact on the country’s most critical role – protecting our national security.

• Develop and maintain documentation and diagrams for security tools, system environments, and cloud operations.
• Perform requirements analysis, design, and integration for complex software applications and collaboration infrastructures.
• Participate in the change management process, including reviewing Change Requests and assisting in the assessment of security impact of proposed changes.
• Write implementation and design documents describing how security features are implemented.
• Create and maintain information system security documentation, Standard Operating Procedures (SOP), and provide guidance on active Plans of Action and Milestones (POA&M).
• Conduct periodic and continuous monitoring of the system, procedures, and documentation to ensure compliance with the authorization package.

• Location:
  
  On-site, Lorton, VA
• Travel Requirements:
  Minimal 0-25%
• Working Hours:
  
  Standard

Required:

• 7+ years' technical experience in cybersecurity, information technology, or systems engineering
• Must have experience working with Special Access Programs (SAPs)
• Strong proficiency fault tolerance, and Reliability, Maintainability, Availability (RMA) subject matter.
• Must possess excellent analytical skills and be capable of quantifying risk to enterprise systems and level of compliance with security policy
• Excellent communication skills (verbal and written) required

Education:

• Master’s Degree in engineering, computer science, cybersecurity, networking, or programming
• Current/active Top Secret/SCI;
  Current or recent DoD SAP access
• Subject to a Counterintelligence (CI) polygraph

• Advanced knowledge in one or more of the following areas:
• Java, Python, Ruby and/or C++
• Linux Expertise (Red Hat/RHEL or CentOS preferred)
• Dynamic & Static Application Security Scanning (e.g., Arachni, OWASP ZAP, Burp Suite, Fortify, Checkmarx, etc.)
• Virtualization and containers (EC2, Docker)
• Infrastructure Security Scanning, Vulnerability Scanning (Twistlock, ACAS/Nessus)
• Certification Requirements in one or more of the following:
• Certified Information Systems Security Professional (CISSP).
• Certified Cloud Security Professional (CCSP).
• Information Systems Security Engineering Professional (ISSEP)
• DOD Information Technology Security Certification and Accreditation Process (DITSCAP)
• DOD Information Assurance Certification and Accreditation Process (DIACAP)