Information System Security Engineer; ISSE​/Cybersecurity Systems Engineer; TS Cleared

Req : 369253

Information System Security Engineer (ISSE) / Cybersecurity Systems Engineer (TS Cleared)

We are currently seeking a Information System Security Engineer (ISSE) / Cybersecurity Systems Engineer (TS Cleared) to join our team in Quantico, Virginia (US-VA), United States (US).

• Manage, monitor, and maintain IT infrastructure to ensure system uptime and optimal performance.
• Maintain performance to ensure that the throughput of the system does not degrade unexpectedly as the volume of work increases
• Perform regular system backups, recovery procedures, and data management tasks.
• Provide technical support and assistance to users.
• Develop and maintain system documentation, including configurations, procedures, and troubleshooting guides.
• Plan and implement software updates, hardware upgrades, and migrations with minimal disruption to operations.
• Provide technical support for systems and applications.
• Monitor and optimize the performance of the infrastructure.
• Develop and implement backup and recovery strategies.
• Ensure compliance with security and regulatory standards.
• Create, modify, disable user accounts in accordance with account management procedures.
• Monitor and review audit logs for suspicious activity
• Develop and/or update standard operation procedures (SOPs) for all activities
• Collaborate and provide supporting artifacts and documentation to ISSO to support RMF process and ATO packages.
• Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information.
• Possess a strong understanding of the NIST Risk Management Framework (NIST SP 800-37), NIST Cybersecurity Framework, NIST Security and Privacy Controls for Information Systems and Organizations (NIST SP 800-53 revisions
  5), Zero Trust Architecture (NIST SP 800-207), Standards for Security Categorization of Federal Information and Information Systems (FIPS-199) and Minimum Security Requirements for Federal Information and Information Systems (FIPS 200).
• Possess familiarity with STIG Viewer, SCAP Compliance Checker (SCC), and Visio applications.
• Perform and review Tenable Security Center scans.
• Maintain hardware/software lists.
• Perform operating system, application, hardware/infrastructure, etc. hardening using DISA Security Technical Implementation Guidelines (STIGs) and/or SRGs as applicable for all appropriate systems.
• Implement the latest applicable Security Requirements Guide (SRG), STIG, and/or benchmarks. Utilize the latest Security Content Automation Protocol (SCAP) tool and manual SRGs, STIGs, and/or benchmarks. Analyze latest STIG updates on a minimum of a quarterly basis.
• Collaborate with system administrators, network operations, etc. to address system vulnerabilities, track progress and ensure security measures are implemented effectively.
• Conduct security control assessments and validations of a system's technical and non-technical security features to mitigate known threats and vulnerabilities effectively. These assessments should comprehensively identify and assess impacts while also considering existing risk mitigation strategies.
• Ensure the completion of all necessary RMF products and reporting in accordance with policy and in collaboration with the information system security officer/security control assessor.
• Assist in updating any documentation related to risk assessments (such as risk assessment reports, plan of actions & milestones (POA&M), etc.) based on the results of assessments.
• Conduct the necessary vulnerability analysis to facilitate the mitigation and determination of residual risk as required.
• Provide support for the continuous monitoring program as needed, especially when system level continuous monitoring results are essential to meet ongoing authorization requirements.
• Assist in contingency planning, testing, and execution as necessary.
• Support the incident response process and actively participate in meetings with the program team, offering updates on project status.

• Bachelor's degree in related fields (e.g. Computer Management Information Systems, Computer Science) or six (6) years applicable experience to include four (4) years of specialized experience.
• Minimum 5 years supporting information security roles/responsibilities as listed above.
• One or more of the following certifications: ISC2 CGRC, ISC2 SSCP, CompTIA CySA+, CompTIA Security+ CE, and/or ISC2 Certified in Cybersecurity.
• Active top secret security clearance.

• Experience with Big Fix, Nutanix, Splunk, Tenable Security Center, Security Compliance Checker, Security Technical Implementation Guide (STIG) Viewer, NMAP, Nipper, Wireshark, Microsoft Defender for Endpoint, RSA Authentication Manager, Microsoft Windows Active Directory, Cisco Firepower Management Center.
• Microsoft Certified Professional (MCP), Cisco Certified Network Associate (CCNA), and/or VMware Data Center Virtualization.
• Experience with network engineering or willingness to cross-train as a network engineer.

NTT DATA endeavors…