Information Systems Security Engineer

BT-129 – Information Systems Security Engineer (ISSE)

Location: Herndon/Chantilly/Tysons (fully on-site, no remote option)

• MUST HAVE A POLY CLEARANCE TO APPLY. Those without a Poly clearance will not be considered.**
  
  

Description

The Information Systems Security Engineer supports the client and the team in defining security requirements; advises on, executes and oversees cybersecurity, information assurance (IA) programs, authority to operate (ATO), accreditation and authorization (A&A), User Activity Monitoring (UAM), and system security plans.

Responsibilities

• Lead for automated security testing efforts leveraging enterprise scanning tools
• Responsible for creation and delivery of the Monthly Vulnerability Scans
• Responsible for creation and delivery of the Monthly Privileged Users and Admin report
• Overall Lead for ensuring systems are secure by protecting data and ensuring need to know
• Responsible for working with Tech team on creating any necessary POAM's
• Helps PM with the Contract Security Plan
• Works with PM and organization's Information System Security Manager and INFOSEC Program Council as necessary
• Authors and maintains the programs System Security Plan (SSP) for A&A
• Provides the required security education and plan for the program
• Authors and maintains the programs Automated Information Systems (AIS) Plan
  
  

Required Skills

4-7 years’ experience with:

• Application security standards and processes
• Accreditation and Authorization (A&A), including documentation, POAMs, and remediation
• Application and data security requirements for authorities to develop and operation systems (ATD, ATO) such as encryption, role-based security, information assurance, and monitoring/auditing/reporting
• Coordination with engineering team to implement security requirements
• Agile / Scrum