4430 Information Assurance Security Engineer

OVERVIEW:

We're looking for an Information Assurance Security Engineer to provide expert technical services across all aspects of Information Security. This individual will be responsible for writing information security policy drafts, reviewing Memorandums of Agreement (MOAs), coordinating and managing Certification & Accreditation (C&A) activities, advising on system design and architecture, and designing and evaluating information security systems. The role also supports multi-agency information sharing, incident response, audit reviews, Configuration Control Boards (CCBs), and day-to-day security consulting.

GENERAL DUTIES:

Information Assurance & Compliance

• Act as the representative of the Information System Security Manager (ISSM), ensuring compliance with information security procedures
• Support efforts to operate, maintain, and dispose of information system materials in accordance with security directives, policies, practices, and Systems Security Plans (SSPs)
• Generate and implement required security training to ensure user awareness prior to system access
• Ensure IA hardware and software complies with security configuration guides
• Implement and enforce IA policies and procedures as defined by A&A documentation
• Ensure users are aware of their IA responsibilities
• Initiate protective and corrective measures when incidents or vulnerabilities are discovered

Security Engineering & Operations

• Perform Operations & Sustainment (O&S) functions for the NCE network security infrastructure, including firewalls, web gateways, mail gateways, IDS, load balancers, performance monitoring tools, and management systems
• Perform maintenance and advanced configuration of security equipment to protect the network from emerging cyber threats
• Conduct forensic traffic and log analysis to isolate issues or respond to analyst alerts
• Respond to escalated troubleshooting requests
• Maintain and administer network infrastructure standards, documentation, and fault tolerance
• Present monitoring, test results, and reports as required
• Perform and support integration testing
• Participate in special projects as required

Vulnerability Management

• Review Plan of Action & Milestones (POA&Ms) and conduct technical decomposition, categorization, remediation, and lien resolution
• Execute remediation processes to implement technical solutions addressing vulnerability findings identified through ACAS security scans

Technical Environment

• Experience with Cloud Infrastructure/AWS-based technology
• Experience using security tools such as:
  • ACAS
  • HBSS
  • Carbon Black
  • Tanium
  • RedSeal
  • EMET
• Experience installing, hardening, deploying, documenting, and troubleshooting network perimeter security technologies
• Experience scripting on Unix and/or RHEL
• Experience with Microsoft macros and PowerShell scripting
• Basic understanding of Windows Enterprise Active Directory architecture and VMware virtualization
• Proficiency with network routing and VLAN technologies

Collaboration

• Work with developers, system engineers, project managers, and users to identify system protection requirements and ensure security is built into systems from the beginning
• Ability to work on multiple projects simultaneously in a dynamic, fast-paced, team-oriented environment

REQUIRED QUALIFICATIONS:

• 10-15 years of related experience in data security administration
• Bachelor's degree in Computer Science or a related technical discipline (or equivalent combination of education, training, and experience)
• IAM Level II Certification (DoD 8570.1M) required prior to start
• Knowledge of and experience with ICD 503
• Understanding of the customer's RMF process and how systems security requirements are met
• Experience with Cloud Infrastructure/AWS-based solutions

DESIRED QUALIFICATIONS:

• CISSP certification or equivalent (CAP, GSLC, CISM)
• System administration experience
• Network engineering experience
• System design and development experience

Security Engineering Responsibilities

• Define, plan, design, and evaluate information security systems
• Assess system architecture and hardware limitations
• Define system specifications, input/output processes, and hardware/software compatibility requirements
• Perform complex information security engineering tasks ranging from security component design to enterprise architecture
• Supervise the work of other engineers performing information security tasks

CLEARANCE:

• Active Top Secret minimum clearance