Apply Now

Information Systems Security Engineer

Dulles, VA, USA | BAE Systems

  • Industry:
  • Position Type:
  • Functions:
  • Experience:
    7-10 years
Job Description:
83 people have viewed this job

Are you interested in pursuing a new opportunity where you can use your acquired skills to bridge the gap between technical teams and security personnel? Are you an excellent communicator, critical thinker, and results oriented? If so, keep reading because we have the position for you!

We are seeking an Information Systems Security Engineer to support one of our mission critical programs. In this position, you will serve as the liaison between Agile development teams, the Information Systems Security Manager, and various mission partners; helping bridge the gap between security requirements/policies and technical implementation. To be successful, you must not only have experience completing A&A relevant documentation (concept of operations, system security design, system security plan, implementation plans, operational procedures, training materials, etc.) but also have hands on experience working with teams to help review and address Nessus and AppDetective scan findings in order to obtain a favorable Authority to Operate (ATO).

Some duties of the job include:

Working with development teams to perform architectural design, integration, installation, configuration, testing and administration of systems and capabilities to support the scanning, monitoring, and reporting of requirements

Assisting with the design, development, integration, testing, implementation, development and operations & maintenance (O&M) of tools for automation of security testing in support of existing and new Assessment and Authorization (A&A) requirements

Integrating, installing, configuring, testing, and administering tools and capabilities to implement A&A business processes, workflow, security control mappings and reporting

Workingwith security assessors to answer questions, provide justification, and provide required updates in a timely manner

Developing and implementing security baselines for Linux and Windows operating systems and networking components

Writing system security plans for existing and new systems

Assisting with the development of Plan of Action and Milestones (POA&M) that contains appropriate corrective actions for unacceptable risks

Serving as Subject Matter Expert for A&A process, ensuring teams and management understand each required milestone and tasks necessary to move to the next step

Implementing a Continuous Monitoring strategy appropriate for systems, leveraging existing tools and incorporating automations where feasible

Recommending appropriate security measures for all systems to ensure compliance with customer s security mandates

Typical Education & Experience

Typically a Bachelor's Degree and 8 years work experience or equivalent experience

Required Skills and Education

The candidate must have an Active Intel Security clearance with a Favorable Polygraph. Candidate will not be considered without it.

Documented experience providing input into A&A process activities and related documentation

Experience working with technical and non-technical personnel to explain technical information

Problem solving skills

Excellent oral, written, and organization skills

Ability to assess existing IT architecture to ensure compliance with current security requirements

Ability to evaluate proposed security architecture and designs to ensure compliance with security requirements

Ability to collaborate with internal and external mission partners

Prior experience creating security documentation, reviewing scan results, and assisting development teams with responses to Critical and/or High findings

Prior experience tracking and addressing POA&M items

Preferred Skills and Education

Experience working on an Agile team

Certified Information Systems Security Professional (CISSP)

Information Systems Security Engineering Professional (ISSEP)

Other companies hiring with Ivy Exec

 Company Logos