Today
Secret
Unspecified
Unspecified
IT - Security
San Diego, CA (On-Site/Office)
TIAG is seeking a highly skilled Information Systems Security Engineer (ISSE) to support the Naval Information Warfare Center (NIWC) Atlantic and the Commander, Navy Installations Command (CNIC) PSS Program.
The ISSE will play a critical role in ensuring the security and compliance of our information systems within the Department of Defense (DoD) environment, specifically adhering to the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). The successful candidate will be responsible for a wide range of security activities, from documentation and policy compliance to vulnerability management and system hardening, collaborating closely with various internal and external stakeholders.
Key Responsibilities:
Required Experience:
TIAG is a federal contractor and an equal opportunity and affirmative action employer that does not discriminate and employment decisions shall be based solely on merit and without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations.
This policy applies to all terms and conditions of employment. To achieve our goal of equal opportunity, TIAG maintains an affirmative action plan through which it makes good faith efforts to recruit, hire, and advance in employment qualified individuals with disabilities and protected veterans.
Pay Range: $110,000 - $150,000 per year
The ISSE will play a critical role in ensuring the security and compliance of our information systems within the Department of Defense (DoD) environment, specifically adhering to the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). The successful candidate will be responsible for a wide range of security activities, from documentation and policy compliance to vulnerability management and system hardening, collaborating closely with various internal and external stakeholders.
Key Responsibilities:
- Assemble all required documentation as outlined by the ISSM for the RMF packages.
- Assist with updating policy and documentation along with maintaining compliance with National Institute of Standards (NIST) SP 800-53 rev 4 specifically during the continuous monitoring phase of the lifecycle.
- Develop a Security Assessment Plan (SAP) in accordance with the Navy RMF Process Guide and using the templates provided in the RMF Knowledge Service (RMF KS).
- Assess security controls, Security Technical Implementation Guides (STIGs), and Assured Compliance Assessment Solution (ACAS) scans in accordance with governing policies.
- Process, maintain compliance, and verify completion of ACAS, STIG, and Security Content Automation Protocol (SCAP) files, report any open findings or vulnerabilities to the program and propose mitigations.
- Maintain compliance in Vulnerability Remediation Asset Manager (VRAM) and DoD Information Technology Portfolio Repository-Navy (DITPR-DON)/ DON Application and Database Management System (DADMS).
- Understand NIST, Committee for National Security Systems (CNSS), DoD/DON Communications Task Orders (CTOs, TASKORDS), and Information Assurance Vulnerability Management (IAVMs).
- Assist Enterprise Architect with creating system authorization boundary diagrams encompassing traceability back to Hardware, Firmware, Software, Ports, Protocols and Services (PPS) lists, and ACAS while complying with Defense Information Systems Agency (DISA) standards.
- Review and update system PPS list and ensure compliance in accordance with Department of Defense Instruction (DoDI) 8551.01.
- Interacts frequently with internal personnel and outside representatives at various levels.
- Assist system administrators with implementation or application for all applicable STIGs, industry best security and design practices, and implement all applicable Information Assurance Vulnerability Alert (IAVA) security requirements.
- Regularly uploads ACAS scanner security scans of network infrastructures to the Enterprise Mission Assurance Support Service (eMASS) portal.
- Track plans of actions and milestones (POA&M) in eMASS and assist in developing schedules and mitigations.
- Assist system administrator with fixing all vulnerabilities or security issues required to be remediated within the required time frame.
- Support the implementation configuration/setup, test, maintenance and upgrade of hardware/software within the assigned system's authorization boundary.
Required Experience:
- Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related field.
- Ten (10) years of experience preparing, implementing, and ensuring compliance with cybersecurity policy, to include Assessment and Authorization requirements.
- IAT Level III or IAM Level III certification.
- Ability to work independently and collaboratively within a fast-paced, mission-critical environment.
- Must be a U.S. Citizen and possess the ability to obtain and maintain a DoD Secret (or higher) security clearance.
TIAG is a federal contractor and an equal opportunity and affirmative action employer that does not discriminate and employment decisions shall be based solely on merit and without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations.
This policy applies to all terms and conditions of employment. To achieve our goal of equal opportunity, TIAG maintains an affirmative action plan through which it makes good faith efforts to recruit, hire, and advance in employment qualified individuals with disabilities and protected veterans.
Pay Range: $110,000 - $150,000 per year
group id: 10382671
