Information Systems Security Engineer (ISSE) Lvl 3
Apply NowCompany: TENTH MOUNTAIN LLC
Location: Fort George G Meade, MD 20755
Description:
Job Title: Information Systems Security Engineer (ISSE) - Level 3
Location: Fort Meade, Maryland
Work Type: Onsite
Security Clearance: TS/SCI with Full Polygraph
Job Summary:
The ISSE Level 3 will perform and review technical security assessments of computing environments to identify vulnerabilities, ensure compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies. This role involves designing, developing, implementing, and integrating IA and security systems for complex networking and computing environments, including those with multiple enclaves and differing data protection requirements.
The successful candidate will collaborate with cross-functional teams to integrate security into every phase of the system development lifecycle, identify and mitigate security risks, and ensure the organization's adherence to the highest security standards.
Key Responsibilities:
The client offers an outstanding benefits package designed to prioritize you and your family's well-being:
Location: Fort Meade, Maryland
Work Type: Onsite
Security Clearance: TS/SCI with Full Polygraph
Job Summary:
The ISSE Level 3 will perform and review technical security assessments of computing environments to identify vulnerabilities, ensure compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies. This role involves designing, developing, implementing, and integrating IA and security systems for complex networking and computing environments, including those with multiple enclaves and differing data protection requirements.
The successful candidate will collaborate with cross-functional teams to integrate security into every phase of the system development lifecycle, identify and mitigate security risks, and ensure the organization's adherence to the highest security standards.
Key Responsibilities:
- Technical Security Assessments: Perform or review technical security assessments to identify vulnerabilities and non-compliance with IA standards. Recommend and implement mitigation strategies.
- System Security Design: Validate and verify system security requirements, establish system security designs, and ensure IA is embedded into systems deployed to operational environments.
- Security System Integration: Design, develop, implement, and integrate IA and security systems and components for networking, computing, and enclave environments, including those with multiple classification levels.
- Policy Enforcement: Enforce the design and implementation of trusted relationships among external systems and architectures.
- Security Architecture Support: Assist architects and system developers in identifying and implementing appropriate security functionality to ensure compliance with agency security policies.
- Risk Management: Assess and mitigate system security threats and risks throughout the program lifecycle.
- Certification and Accreditation (C&A): Review C&A documentation and provide feedback on its completeness and compliance. Support security authorization activities in compliance with NSA/CSS Certification and Accreditation Process (NISCAP), DoD Information Assurance Certification and Accreditation Process (DIACAP), and NIST Risk Management Framework (RMF).
- Security Engineering Expertise: Apply expertise in areas such as system security design processes, engineering lifecycle, cross-domain solutions, cryptography, authentication, risk management, intrusion detection, contingency planning, incident handling, configuration control, and auditing.
- Security Testing: Conduct security testing to ensure compliance with IA principles, including confidentiality, integrity, non-repudiation, availability, and access control.
- Customer Interaction: Interact with customers and project team members to ensure alignment with security requirements.
- Security Planning and Documentation: Contribute to security planning, risk analysis, and risk management activities. Develop and maintain critical security documentation, including System Security Plans (SSPs), Risk Assessment Reports (RARs), and Plan of Action and Milestones (POA&Ms).
- Experience:
- Minimum of 14 years of experience as an ISSE on programs and contracts of similar scope, type, and complexity.
- Proven expertise in security engineering for large-scale systems.
- Education:
- Bachelor's degree in Computer Science, Information Assurance, Information Security, or a related field from an accredited institution.
- (Four additional years of relevant experience may substitute for the degree.)
- Certifications:
- DoD 8570.01-M compliance with IASAE Level 2 is required.
- CISSP certification is required.
- Security Clearance:
- Must possess an active TS/SCI clearance with Full Polygraph.
- In-depth understanding of IA principles, policies, and procedures.
- Hands-on experience with security tools such as SIEM, IDS/IPS, vulnerability scanners, and cryptographic solutions.
- Strong analytical and problem-solving skills.
- Excellent communication skills, both written and verbal.
- Familiarity with secure networking, computing, and enclave environments.
- Knowledge of NSA/CSS and DoD security processes, including NISCAP, DIACAP, and RMF.
- Direct experience with NSA/CSS systems and environments.
- Advanced knowledge of modern cybersecurity threats, including advanced persistent threats (APTs).
- Experience with commercial off-the-shelf (COTS) and government off-the-shelf (GOTS) solutions.
The client offers an outstanding benefits package designed to prioritize you and your family's well-being:
- Fully Paid Medical Benefits: The client covers all health-related expenses for you and your immediate family (spouse and children), with no deductibles or premiums.
- Retirement Plan: Includes a standard 6% match on your 401(k) to help secure your financial future.
- Paid Time Off (PTO):
- 3 weeks of PTO annually.
- 11 paid federal holidays.
- 2 code red days (for weather or emergencies).
- Totaling approximately 5-6 work weeks of paid time off.