Job Title: Senior/Intermediate/Junior Information System Security Engineer / ISSE
Location: Springfield, VA
Cyber Security/Information Assurance/Security Engineer responsible for technical security controls, security configurations, hardening and security services implementation and RMF support supporting NGA. This role secures the largest critical mission system at NGA including virtual and physical hosts across multiple data centers and cross domain systems. This is a rare career-making and learning opportunity for the right person—a make-a-difference role with a positive impact on National Security.
• Performance in multiple areas of information security including security engineering, product risk assessment, enterprise security compliance, secure systems configuration, hardening Windows operating systems, secure workstations, secure data management, secure web technology, and secure protocols, enterprise authentication, and security testing.
• Deliver technical security configuration updates and expertise in dealing with changes caused by internal and external factors and in developing solutions and recommendations for issues caused by process, threat and technology changes
• Act as trusted security engineering advisor to senior leadership
• Provide professional knowledge and experience of information systems security policies and practices.
• Develop security architectures, and engineering system specifications implementing these as controls in development and operational systems
• Develop System Security Plan component documentation, test results, and evidence to support government ATO decisions
This position is a challenging role in a multi-contractor team supporting a fast-moving project. In this role, you will execute tasks and support for the development team supporting agile software capability deliveries. This task requires expertise in Information Assurance--you need to be the go-to technical security person. Establishing a track record of reliability and trust with team members and security stakeholders is crucial. As part of the LP3 team, occasional consulting on other projects as well as RFI and proposal support are also required.
Key success attributes:
- Hands-on experience scanning and hardening servers, workstations, and network systems and assisting the team in remediating vulnerabilities
- Strong network and host security background in Windows
- VMWare, WSUS, and patching experience
- Linux system administration experience
- Ability to communicate effectively with senior management in government and contractor teams
- Ability to plan, design, and implement secure solutions
- Ability to effectively communicate and advocate key security requirements and control implementation to the development team
- Experience ensuring systems comply with key government security requirements and demonstrate that through executing verification testing with government security stakeholders
- Outstanding communication skills including verbal and written; Word, PowerPoint, Excel, Visio, Project, and other tools to communicate with peers and customers at all technical levels
The ideal person for this role is flexible, hands-on experienced, technically capable, self-motivated, and can effectively influence others to deliver the right solution for the customer. Creativity, personal backbone, and IT security experience are required. Extensive hands-on Information Assurance experience is required to be successful in this position. A mix of professional relationship skills and technical skills are required in this role.
Occasional, 2-7 day trips to other CONUS/OCONUS customer facilities may be required 1-2 times per year.
- SCI clearance with current SSBI (active SCI within the last 2 years)
- Experience in system hardening on Windows and Linux
- Knowledge of NIST 800-53 security control requirements
- Bachelor's degree (or equivalent experience for some positions)
- 7+ years experience in hands-on Information Assurance positions
- Experience working on and supporting classified networks
- Experience working in a team environment on similar tasks
- DoD 8570 certification (IAT-III)
Strongly desired qualifications/skills:
- Strong Windows administration and hardening experience
- STIG hardening experience
- Cross domain experience
- Cloud migration and hosting experience
- Audit analysis experience
- Security architecture and engineering experience
- Experience with ACAS and other scanning tools
- Bachelors or Master’s degree in IA/Cyber Security/Computer Science
- Advanced IT certifications--technical certifications such as CISSP, MCSE, CCIE, SANS, etc.
This position is offered by LP3. LP3 is an innovative small company delivering Information Assurance consulting expertise to DoD and IC customers. LP3 is an Equal Opportunity Employer. We hire VETS!
If you are cleared, qualified, and interested in this opportunity please email a detailed technical resume to: careers@LP3.com
LP3 is an innovative small company delivering Information Assurance consulting expertise to DoD and IC customers. LP3 is a proven leader in cyber security services nationwide, providing our customers with solutions tailored to meet rapidly evolving IT and cyber security needs. Our depth of knowledge and experience gained protecting our Nation's IT infrastructure over the past decade allows us to offer the highest caliber of IT and security services to our corporate clients. At LP3, we consider our people our most valuable asset. We are committed to providing an environment that fosters growth, respect, and integrity. As an employee of LP3, you will be empowered to contribute and make a difference on day one.
Compensation Comments: Compensation is dependent on experience levels and the rates available to us on various contracts. LP3 makes offers to people based on their experience, attitude, and their fit for a particular contract.