Senior Specialist, Information Security Systems Engineer TS​/SCI w​/Poly - Palm Bay, FL

L3

Harris is dedicated to recruiting and developing high-performing talent who are passionate about what they do. Our employees are unified in a shared dedication to our customers’ mission and quest for professional growth. L3

Harris provides an inclusive, engaging environment designed to empower employees and promote work-life success. Fundamental to our culture is an unwavering focus on values, dedication to our communities, and commitment to excellence in everything we do.

L3

Harris Technologies is the Trusted Disruptor in the defense industry. With customers’ mission-critical needs always in mind, our employees deliver end-to-end technology solutions connecting the space, air, land, sea and cyber domains in the interest of national security.

Job Title: Senior Specialist, Info Security Sys Engineering

Job Code: 26967

Job Location:
Palm Bay, FL

Job Schedule: 9/80

Job Description:

Applies current systems security engineering methods, practices and technologies to the architecture, design, development, evaluation and integration of systems and networks to maintain system security. Works closely with Government customers to ensure that the security protection needs, concerns and requirements are defined and implemented with appropriate fidelity and rigor, early and in a sustainable manner throughout the life cycle of system that will allow for the security authorization of the system of interest.

Works with systems developers or commercial product vendors in the design and evaluation of state-of-the-art secure systems, networks, and database products. Uses methods such as encryption technology, vulnerability analysis and security management. Responsible for integration of multiple methods into a cohesive system security perimeter and environment and the policies and procedures necessary to monitor and maintain such an environment. Will prepare Certification and Accreditation documentation, using multiple standards, to achieve security authorization of supported systems.

Represents program security needs, concerns and requirements at customer meetings.

Essential Functions:

• Apply advanced systems security engineering methods, practices, and technologies to the architecture, design, development, evaluation, and integration of secure systems and networks.
• Collaborate closely with Government customers and internal staff to define, implement, and maintain security protection needs, concerns, and requirements throughout the system lifecycle, ensuring security authorization.
• Design, implement, and manage security controls and configurations for both Linux and Windows systems, including system hardening, vulnerability assessments, and penetration testing.
• Prepare and manage Certification and Accreditation documentation using RMF and derivative processes (e.g., DOD 8510, JSIG, ICD-503, CNSSI 1253) to achieve security authorization of supported systems.
• Conduct Static Application Security Testing (SAST) for Application Security and Development STIG compliance, and navigate DoD software selection and approval processes for COTS, GOTS, and FOSS.
• Configure and manage logging for Linux and Windows systems, ensuring relevant security events are captured and forwarded to Splunk servers for analysis and monitoring.
• Monitor and analyze security logs and alerts from Splunk, investigating potential security incidents and taking appropriate actions to mitigate risks.
• Experience with security tools such as IDS/IPS, vulnerability scanners, and endpoint protection solutions
• Develop, document, and maintain security policies, procedures, and guidelines for system hardening, configuration management, and emerging security technologies.
• Develop and implement incident plans and procedures to ensure that security incidents are responded to promptly and effectively.
• Perform functional analysis, timeline analysis, detailed trade studies, requirements derivation and allocation, and interface definition studies.
• Contribute to Information Security Engineering activities, including CDRLs, trade studies, security requirements analysis, secure architecture development, compliance with security controls, and security test/verification activities.
• Identi…