Information System Security Engineer

AG GRACE has a new opportunity for an Information System Security Engineer (ISSE) to work on an exciting, fast-paced program. This position will work hand-in-hand with the customer team and external teammates across all program security functions.
Duties/Responsibilities:

• Will create, review and edit authorization documentation for completeness and accuracy in accordance with federal and DoD policy.
• Implement DoD system accreditation processes (DIACAP acceptable and RMF preferred).
• Assess use case and operational risk of integrated open source, and GOTS/COTS software components.
• Will use vulnerability management systems, automated security scanning tools, and system accreditation record systems.
• Must be able to grasp new concepts, facilitate information exchanges for data gathering, and collaborate with diverse audiences.
• Will follow established processes where applicable, and establish and execute defensible processes where none are prescribed.
• Provide security planning, assessment, risk analysis, and risk management support.
• Recommend system-level solutions to resolve security requirements and guide the development team in meeting the security posture requirements.
• Support the Government in the enforcement of the design and implementation of trusted relationships among external systems and architectures.
• Must apply existing knowledge of IA policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments.
• Must be able to interact well with others to complete work.
• Review requests for software installation and conduct technical risk assessment on implementation of the software
• Work closely with system administrators to ensure installation of current patches, AV definitions and other security tools
• Perform vulnerability/risk assessment analysis to support accreditation and other program protection activities
• Prepare and review program documentation to include Risk Assessment Reports, Accreditation Packages, and security policy guides

Qualifications

TYPICAL EDUCATION AND EXPERIENCE: Bachelors and Nine (9) years or more experience; Masters and twelve (7) years or more experience; PhD or JD and nine (5) years or more experience.

Required Qualifications

• TS/SCI security clearance
• Direct ISSE experience implementing security solutions
• Technical expertise in secure computer network design, implementation, and accreditation
• Expertise in anti-virus software, intrusion detection, firewalls and content filtering
• Knowledge of risk assessment tools (e.g. NESSUS, SPLUNK, HBSS, etc.), technologies and methods
• Expertise in DCID 6/3, ICD 503, and NIST 800-53 policies and implementations
• Experience in providing oversight and coordination for multiple contractors
• Experience managing privileged user requirements
• Polished communicator (written and verbal) with keen eye for details
• DoD 8570 compliance with IAT Level II (SSCP, Security+, CCNA-Security, or GSEC certification)
• Experience with DISA STIGs and SRGs, vulnerability management systems, mitigation and compliance processes, and reviewing results from automated security scanning tools.
• The ability to work independently and as part of a team is needed