Information Systems Security Engineer (ISSE) Top Secret Clearance wSCI eligibility

AMERICAN SYSTEMSis seeking a highly experiencedInformation Systems Security Engineer (ISSE)to support aSpecial Access Program (SAP)in Arlington VA.

This role is suited for an experienced security engineer who combinesdeep JSIG and RMF expertisewith hands-on security assessment experience acrossboth Linux and Windowssystems in highly restricted environments. The ideal candidate understandssecurity controls at an engineering leveland can author tailor and defend documentation without reliance on automated RMF tools.

As anInformation Systems Security Engineer (ISSE)at AMERICAN SYSTEMS you will:

• Design and implement enterprise-level security architectures forSAP systems

• ApplyJSIGrequirements to system authorization control implementation and documentation

• Manuallydevelop RMF/JSIG authorization artifacts includingSSPscontrol narrativesPOA&Msandsupporting evidence

• Perform hands-on security assessments onLinux and Windows systems includingcommand-line audits compliance scans log review and control validation

• Analyze scan results identify security gaps and support remediation planning and execution

• Validate and implementhost-based firewallandsecurity configurationsin coordination with system administrators

• Manage and trackPOA&Msthrough mitigation remediation or risk acceptance

• Ensure system compliance throughcontinuous monitoringof controls procedures and documentation

• Identify security deficiencies and provide actionable remediation recommendations

• Supportsystem recoveryand security oversight following outages or incidents

• Participate inchange managementactivities assessingsecurity impacts to SAP systems

• Support security investigationsincident response andremediationactivities

• Collaborate with engineering teams to integrate security requirements into system design and production releases

#hotjobs

• ActiveTop Secret clearancewith SCI eligibility

• Willingness to submit for aCI Polygraph

Education Experience and Certifications

• Bachelors degree in a STEM discipline with1011 yearsof relevant experienceor

  • Masters degree with810 yearsof relevant experience

• Minimum5 years of experiencedesigning and implementing enterprise-scale security solutions

• DoD 8140 IAT Level IIIequivalent certification (e.g.SecurityXCISSP CCNP Security CISA GCED GCIH or CCSP)

SAP and Authorization Expertise

• Demonstrated experience supportingSpecial Access Programs (SAP)

• Working knowledge ofJSIGand its application to RMF authorization

• Proven experienceauthoring RMF/JSIG artifacts by hand without reliance on automated RMF tools (eMASS Xacta etc.)

• Strong background inRMF ICD 503 NIST SP 800-53 DCID 6/3 or current DoD authorization practices

Technical Security Experience

• Hands-on security assessment experience acrossLinux systems includingcommand-line validationwhen required
• Experience supporting security tools such asSplunkEnterpriseHBSSMcAfee ePOENS andDLP
• Demonstrated security engineering experience acrossLinux WindowsCiscoplatforms databases (SQLorOracle) andvirtualizedenvironments