THE PROJECT

The DarkStar Group's team solves unique and challenging intelligence problems for a Special Operations customer. This work is as close to the mission as a technologist can get, so the environment is fast-paced: team members face rapidly-changing requirements and priorities as mission needs evolve. If you hate monotony and want to use your skills to have a direct impact on real-world operational success, this is the project for you.

We are a multi-faceted software development and systems administration team working to build and maintain software applications backed by a self-managed cloud infrastructure (OpenStack) with a true big-data footprint (over 10 petabytes). Our diverse background of experience in mission support and software development serves as a catalyst to solve unique and challenging intelligence problems in support of special operations analysts and their on-going activities. Prototyping and frequent, iterative feedback are core to our delivery approach, anchored by a need to work quickly in support of our missions.

The technical stack is quite robust and includes Java, Python, C#, C/C , Geospatial tools, Big Data and Graph Products (Hadoop, MapReduce, Spark, ElasticSearch, Neo4j), Linux, OpenStack, AWS, Ansible, SQL/NoSQL, Text Processing, Cloud Services, Containerization, Infrastructure as Code (IAC), and more.

Work on this program takes place in the Herndon, VA area (we cannot support remote work) and requires a TS clearance and a willingness to obtain a CI Poly: a current TS/SCI CI Poly is preferred.THE ROLEThe DarkStar Group is currently seeking an independent, creative, and driven Information Systems Security Engineer (ISSE) to join our big-data platform team. In this role, you will support a massive National Security platform supporting large-scale analytics on various customer data sources. If you are an ideal candidate, you are passionate about technology and have an ability to learn quickly. What you will be doing:

• Contribute to team success by building out and maintaining a large-scale customer hosted OpenStack platform, enabling massive analytics for platform users.
• Analyze existing and future systems, review security architectures, and develop engineering solutions that integrate information security requirements to proactively manage information protection.
• Engineer and deploy network defense countermeasures such as anti-virus, anti-spam, and intrusion detection and prevention system solutions.
• Analyze Information Assurance (IA) security events, including threat model development and resulting security risk analysis of systems.
• Review and assess information security events and logs via sophisticated security information and event manager.

• Bachelor's degree in Engineering, Computer Science, or related field. 4 additional years of experience may be substituted in lieu of a degree
• Minimum of 8 years of relevant experience
• Demonstrated expertise in IC policy and able to interact at senior levels to ensure requirements are met while preserving the most feasible security posture
• Apply NIST, DOD, and other government standards, policies and regulations (e.g., NIST 800-137, NIST 800-53, 800-37 and 800-39)
• Must be able to manage security configs and communicate with others on the platform who are impacted by security decisions/direction
• Must be a highly motivated, self-driven team player who can interact well with others and advise/consult with other team members and customers on system security-related issues
• CompTIA Security certification or CISSP certification

• Demonstrated expertise in Cloud Security Architecture (specifically AWS service catalog), Implementation, Compliance, to include Authority to Operate (ATO) for Hybrid Cloud hosted infrastructure and applications
• Experience with reviewing security scan results and determining the risk and impact of vulnerabilities
• Demonstrated experience administering Linux and Windows operating systems in accordance with applicable security controls
• Skilled in managing complex regulatory and audit program, focusing on secured cloud capabilities, to include Authorization to Operate (ATO) in multi-tenant environment
• Experience configuring and securing systems to achieve compliance with Security requirements and determining the risk/impact of vulnerabilities (e.g., Nessus Scanner, Security Center, Splunk, McAfee EPo Server)
• Experience conducting Assessment and Authorization (A&A) using Risk Management Framework (RMF) activities; across all 6 steps.
• Experience producing accurate Configuration records through the life-cycle of the asset
• Develop weekly ConMon Reports to customer and capture metrics as security control assessments are conducted. Detail findings, provide status, recommended mitigations, metrics, and evidence.