Senior Specialist, Information Security Systems Engineer (Anti-Tamper Product Protection)

Job Title: Senior Specialist Information Security Systems Engineer (Anti-Tamper/ Product Protection)
Job Code: 33526
Job Location: Palm Bay FL
Job Schedule: Employees work 9 out of every 14 days totaling 80 hours worked and have every other Friday off

Job Description:
As a Senior Specialist Information Security Systems Engineer you will apply current systems security engineering methods practices and technologies to the architecture design development evaluation and integration of systems and networks to maintain system security. You will work closely with Government customers to ensure security protection needs concerns and requirements are defined and implemented with appropriate fidelity and rigor early in the system lifecycle enabling successful security collaboration with systems developers and commercial product vendors you will design and evaluate state-of-the-art secure systems networks and database products using methods such as encryption technology vulnerability analysis and security management. You will be responsible for integrating multiple security methods into a cohesive system security perimeter and environment along with the policies and procedures necessary to monitor and maintain it. Additionally you will prepare Certification and Accreditation documentation using multiple standards to achieve security authorization of supported systems and represent program security needs and requirements at customer meetings.

Essential Functions:

• Apply advanced systems security engineering methods practices and technologies to the architecture design development evaluation and integration of secure systems and networks.
• Collaborate closely with Government customers and internal staff to define implement and maintain security protection needs concerns and requirements throughout the system lifecycle ensuring security authorization.
• Design implement and manage security controls and configurations for both Linux and Windows systems including system hardening vulnerability assessments and penetration testing.
• Prepare and manage Certification and Accreditation documentation using RMF and derivative processes (e.g. DOD 8510 JSIG ICD-503 CNSSI 1253) to achieve security authorization of supported systems.
• Conduct Static Application Security Testing (SAST) for Application Security and Development STIG compliance and navigate DoD software selection and approval processes for COTS GOTS and FOSS.
• Configure and manage logging for Linux and Windows systems ensuring relevant security events are captured and forwarded to Splunk servers for analysis and monitoring.
• Monitor and analyze security logs and alerts from Splunk investigating potential security incidents and taking appropriate actions to mitigate risks.
• Experience with security tools such as IDS/IPS vulnerability scanners and endpoint protection solutions.
• Develop document and maintain security policies procedures and guidelines for system hardening configuration management and emerging security technologies.
• Develop and implement incident plans and procedures to ensure that security incidents are responded to promptly and effectively.
• Perform functional analysis timeline analysis detailed trade studies requirements derivation and allocation and interface definition studies.
• Contribute to Information Security Engineering activities including CDRLs trade studies security requirements analysis secure architecture development compliance with security controls and security test/verification activities.
• Identify security risks threats and vulnerabilities of networks systems applications and new technology initiatives and support security engineering activities such as basis of estimate development design test configuration management and maintenance of information systems and data.
• Provide technical guidance coaching and training to other employees and be able to act as an IA liaison across all engineering and security disciplines ensuring integration of security controls into the system development lifecycle.
• Develop and deliver security training and awareness programs that integrate latest security approaches and standards.
• Work is 100% on-site and cannot be accomplished remotely.
  
  

Qualifications:

• Bachelors Degree and minimum 6 years of prior relevant experience. Graduate Degree and a minimum of 4 years of prior related lieu of a degree minimum of 10 years of prior related experience.
• Must possess an active clearance: TS/SCI CI Poly.
• Must be able to obtain and maintain a DOD 8140 certification (or NIST 800-181) appropriate for the position within 6-months of start.
  
  

Preferred Additional Skills:

• Recent (within 3 years) CI Poly.
• Familiarity with emerging technologies such as cloud computing containerization and microservices and their security implications (e.g. Understanding of security control inheritance in cloud-based systems.)

#LI-FS1