TSC is seeking a qualified Information System Security Engineer to support the design, development, accreditation, and sustainment of DoD Information Systems. The candidate must be a self-starter capable of completing tasks and producing quality deliverables with minimal supervision.
Key tasks include:
- Develops and maintains system security plans (SSP), control guidelines, and related security artifacts.
- Supports all activities required to achieve ATO. Including:
o Analysis and documentation requirements
o Set up and completion of security scans
o Identification, documentation, testing, and mitigation of security findings
- Understands and implements security requirements for systems in compliance with DIACAP / Risk Management Framework (RMF), and ensures the successful completion of the C&A / A&A process.
- Helps develop secure, scalable, and redundant solutions by applying all DISA STIG requirements, DoD and industry best practices, and vendor security guides.
- Develops and follows Standard Operating Procedure (SOPs) and best business practices to ensure the developed solutions and mitigations are reproducible and repeatable.
- Reviews and approves proposed changes to system baseline configurations.
- Maintains and sustains compliance with all vendor-released security patches including applicable Information Assurance Vulnerability Messages (IAVM)
- Works closely with the component Information System Security Manager through regular briefings, meetings, and discussions in regard to information security.
- Candidate must hold a B.S. degree in a relevant field such as Computer Science, Information Security, or Information Systems.
- 5+ years hands-on experience in C&A and DIACAP. Knowledge and experience with the C&A process, DIACAP, NIST, and other intelligence community standards relating to information security.
- Experience with security vulnerability assessment tools including WebInspect, AppDetective, Nessus, and Fortify.
- Knowledge and experience with AIX, virtualization, reporting applications, Active Directory, and databases are a plus.
- This position requires U.S. Citizenship, Secret clearance, and compliance with DoD 8570.01-Manual, “Information Assurance Workforce Improvement Program” requirements.
License / Certificate
CISSP or Security Plus
Indeed - 7 months ago
copy to clipboard