Information System Security Engineer (ISSE) Level 3/SME

Overview

Arcfield was purpose-built to protect the nation and its allies through innovations in digital transformation, space mission engineering and launch assurance, miniaturized sensors and satellites, advanced modeling and simulation, cybersecurity, and conventional and hypersonic missile support. Headquartered in Chantilly, VA with 16 global offices, Arcfield employs more than 1,500 engineers, analysts, IT specialists, and other professionals with more than 60 years of collective proven experience supporting missions in cyber and space defense, space exploration, hypersonic and nuclear deterrence and warfighter readiness. Visit arcfield.com for more details.

Responsibilities

Arcfield's Cyber programs are expanding and are currently in need of Information System Security Engineer (ISSE) Level 3/SME professionals to provide ISSE lifecycle support to our Chantilly VA customer and will be responsible for capturing and refining information protection requirements to ensure their integration into IS acquisitions and IS development through purposeful security design or configuration. In this role you will be recognized as an expert within the company, who designs, researches and develops highly advanced applications, which may result in new product/business opportunities for the company. Note: An offer for this position is contingent upon contract award.

Responsibilities include, but are not limited to:

• Providing ISSE lifecycle support following NIST SP 800-160v1 and Customer RMF principles
• Assessing and mitigating risks, providing recommendations to the Government
• Researching and advising on new countermeasures for terrestrial and space systems
• Developing and implementing effective security programs
• Evaluating risks of integrating new systems into existing environments
• Implementing and integrating Cross Domain Solutions
• Analyzing IA/IS environments and providing INFOSEC recommendations
• Recommending security architectures and network security measures
• Identifying and analyzing IA-related vulnerabilities, threats, and risks
• Coordinating remediation plans for addressing vulnerabilities
• Developing authorization packages for ATO within required timelines
• Guiding implementation of corrections for technical vulnerabilities
• Providing guidance on security configuration control of hardware and software
• Collaborating with program leads and SMEs on acquisition programs and projects
• Supporting various meetings and reviews related to cybersecurity and INFOSEC
• Following engineering concepts aligned with NIST SP 800-160
• Defining ICS security requirements in coordination with stakeholders
• Adopting and promoting industry best practices for vulnerability management and resilient operations
• Conducting risk assessments and developing mitigation strategies for terrestrial and space systems
• Designing and implementing comprehensive security programs and architecture
• Overseeing integration of IA architecture into IT, ICS/SCADA systems, and Cross Domain Solutions
• Performing E2E development and management of IA systems and components
• Identifying, analyzing, and addressing IA-related vulnerabilities, threats, and risks
• Creating cybersecurity documentation supporting the RMF process and ATO packages
• Applying IA control implementation practices in line with IC and DoD security policies
• Collaborating with stakeholders to define and implement security requirements, especially for ICS systems
• Participating in IA Engineering Working Groups, forums, and relevant meetings
• Integrating security functional requirements into acquisition lifecycle phases using systems engineering principles
• Documenting and maintaining Customer-specific ISSE processes and procedures
• Applying software engineering methodologies, security engineering principles, and secure coding techniques
• Coordinating activities with Authorization and Accreditation stakeholders throughout the system lifecycle

Qualifications

Required:

• Must possess and be able to maintain a TS/SCI clearance with polygraph
• BS 12-15, MS 10-13, PhD 10+
• A STEM degree
• 10 or more years of Information Assurance Systems Architect and Engineer (IASAE) support
• Certifications:
  • CISSP-ISSEP
  • CISSP-ISSAP
  • CISM
  • CISSO
  • CISSP
  • CISSP-ISSMP
  • FITSP-M
  • GCIA
  • GCIA
  • GCSA
  • GICSP
  • GSEC
  • GSLC
• Knowledge of best practices when implementing security controls including:
• SW engineering methodologies
• Security engineering methodologies
• Security engineering principles
• Secure coding techniques
• Coordinate activities with A&A stakeholders
• Knowledge of and experience with:
• ICD 503 and the Government's certification and accreditation process
• Networks, computer components, protocols, and COTS technology
• System methodologies including client/server, web hosting, web content servers, policy servers, directory servers, firewalls, WAN, MAN, LAN, switches, and routers
• SW integration of COTS and GOTS products
• Virtualization platforms and technologies

Desired:

• Education relevant to computer engineering, INFOSEC, information management, and/or computer science
• Experience in technical project management
• Technical experience in:
• (U) Configuring and supporting, at a minimum, Windows, Linux, Unix,
• Mac OS
• (U) Configuring and supporting, at a minimum, VMware, Xen, Hyper V
• (U) SW engineering
• (U) Program design and implementation
• (U) Configuration management
• (U) System maintenance
• (U) Integration testing
• (U) IS engineering

EEO Statement

We are an equal opportunity employer and federal government contractor. We do not discriminate against any employee or applicant for employment as protected by law.