The Information Assurance/Security Engineer will provide security engineering and information assurance support to the Government’s Assessment and Authorization (A&A) process to maintain Authority to Operate (ATO) and Authority to Connect (ATC) for mission applications and services.
Designs, develops, monitors and documents security controls, security testing, security reporting, and plan of actions and milestones (POA&Ms) throughout systems and application lifecycles in support of mission systems.
Provides security engineering design inputs, security design reviews, and security best practices as part of technical and change requests.
Configures and validates secure systems, physical controls, and tests security products and systems to detect security weaknesses.
Maintains XACTA security records for supported systems.
Bachelor’s Degree in computer science, engineering, or similar technical field (additional 4 years of relevant experience may be substituted for degree)
Certification: Requires 8570 compliance (IAT Level 2) such as CompTIA Security +
Ideal candidates have 6 years of hands-on experience and expertise in one or more of the following:
Support to vulnerability management, patching, information assurance and/or ATO process for Classified DoD or IC environments.
Experience documenting and assessing security controls in CentOS/RHEL Linux Systems, Cisco Networks, VDI and/or Virtual server hosting environments.
Experience supporting, securing and delivering hardware and software updates and enhancements through testing, security assessment and authorization, and production readiness reviews.
Demonstrated documentation writing for security plans, tests, and reports.
Must demonstrate strong teamwork, communication (both verbal and written), and presentation skills.
Must demonstrate strong initiative to accept new technical challenges in complex security engineering assignments
Certified Information Systems Security Professional (CISSP)
Cisco Certified Network Professional (CCNP) certification(s)
Desired Experience with one or more of the following:
DoD or Intelligence Community IT and Application service delivery.
Experience supporting full lifecycle A&A process for classified DoD or IC infrastructure and application service delivery.
Experience managing ATO process through XACTA tool.
Experience working with Special Access Programs (SAP)
Hands-on experience with Agile software development
Hands-on Experience with VDI hosting and virtualization with VMWare and/or Nutanix
Experience deploying and supporting NiFi data flows
Experience deploying and supporting Apache Tomcat webservices