Information Systems Security Engineer

Strategic ACI is seeking an Information Systems Security Engineer (ISSE)who will be responsible for management of the certification and accreditation of computer networks and standalone information systems using government standards. This individual will maintain responsibility for media control, virus scanning, hardware and software control, and computer security briefings. Additionally, the ISSE will support all disciplines within the security program and ensure business needs are met. Responsibilities: Work with the system administrator to ensure all systems security procedures are being followed and maintain audit files that are reviewed in accordance with multiple client requirements. Interact with internal and external customers or government security officials to perform security duties, address routine information security matters with employees regarding issues, and report preparation and system security access briefings. Make sound decisions and manage all aspects of information systems security as it applies to the DOD community (NISPOM, IFSO Manual, NISPOM Technical Baseline, DOD 8570M), conduct risk assessments on hardware intended for use by a program to determine the proper Protection Level for the IS, and identify any vulnerabilities that would need mitigation. Prepare and implement Information System Security Plans, Protection Profiles, etc., working closely with local DSS, ODAA, and other government approval authorities to achieve system accreditation and maintain compliance for all collateral classified information systems. Conduct regular AIS audits to ensure accredited systems are being operated securely and computer security policies and procedures are implemented as defined in security plans. Ensure that personnel are trained on the IS's prescribed security restrictions and safeguards before they are initially allowed to access a system. Ensure the implementation of site procedures for marking, handling, controlling, removing, transporting, sanitizing, reusing, and destroying media/equipment containing classified information are followed. Qualifications: Required: Active TS/SCI clearance. A Bachelor's degree with 8-10 years of experience. 8-10 years of related experience in INFOSEC administration. In-depth experience with Government procedures and policies, including Operations Security requirements and preparation of deliverable documentation. 3 years of experience generating Risk Management Framework (RMF) packages, including supporting Intelligence Community Directive (ICD) 503 compliance. 3 years of experience providing Cybersecurity (IT security) support with IT hardware, software, networks/security system, or management services with IT hardware, software, networks/security system. 3 years of experience with applying DISA Security Technical Implementation Guide (STIGs) and Security Recommendation Guides (SRG). 2 years of experience utilizing the Assured Compliance Assessment Solution (ACAS) tool to analyze computer asset vulnerabilities. Certifications: IA certification in Security+ CE or higher (e.g. CEH, CASP, CISSP, etc.)

Created: 2024-11-05