Information Systems Security Engineer - MEKS

This position is contingent upon contract award and funding

General Summary

Responsible for developing and ensuring secure testing practices for software releases supporting the Military Equipment Knowledge System (MEKS) onto cloud environments.

Principal Duties and Responsibilities (*Essential functions)

• Develop the necessary tests and security scans to support multiple MEKS software releases in a cloud environment.
• Build, secure, and deploy artifacts/images to deploy on the MEKS CI/CD pipeline.
• Secure the cloud environments by ensuring cloud configurations and settings are adhering to established security protocols.
• Ensure software development efforts are utilizing industry best practices.
• Develop, modify, or refine the necessary items for IATT/ATO procurement on all identified networks.
• Draft and deliver all IATT/ATO documentation necessary for RMF compliance into Xacta.
• Identify, evaluate, scope, and prioritize all necessary items and controls for RMF compliance and enter items into Xacta.
• Coordinate with the Cyber Team and technical team to develop an RMF process for control adherence.
• Support system security requirements, design security layout or architecture, and determine required security tools and existing tool functionality.
• Provide Continuous Monitoring (ConMon) to determine if the complete set of planned, required, and deployed security controls continue to be effective. Assess the security impacts by continuously monitoring logs, source code, inventories, and other items necessary for security compliance.
• Provides full assessment of system's security posture.
• Performs security testing to verify cyber security integrity of the product. Designs and recommends mitigations.
• Develops security policies and procedures.
• May provide technical expertise and guidance to more junior team members.

At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our "Family of Professionals!" Learn about our employee-centric culture and benefits here .

Required Experience

Required Qualifications

• Bachelor's degree in computer science, information technology, cyber security, engineering, or related field or equivalent work experience.
• Minimum of 10 or more years of experience conducting information systems security engineering activities to include capturing and refining information security requirements and ensuring their integration into information technology component products through purposeful security design or configuration.
• Knowledge and understanding of the National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework) and the NIST Risk Management Framework (RMF).
• Ability to obtain a DoD 8570/8140 Baseline Certification (Security+, CISSP or equivalent) within 90 days of hire.
• U.S. Citizenship required; Active DoD SECRET clearance required to start with the a bility to obtain Top Secret clearance with eligibility for SCI and a CI Scope Polygraph after start

Preferred Qualifications

• Current Security + CE or CISSP is highly preferred.
• Current DoD TS/SCI is highly preferred.

Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.