Information System Security Engineer (ISSE)

Information System Security Engineer (ISSE) Summary The Information System Security Engineer (ISSE) position will support multiple sponsors to provide Cybersecurity Architecture Analysis and Security Engineering Support. The selected candidate will perform tasks to ensure cybersecurity is included in the design of new and existing operational environments, security authorization activities in compliance with Risk Management Framework (RMF) policies and procedures, to include: System Security Plans (SSPs), Risk Assessment Reports, Assessment and Authorization (A&A) packages, and Security Controls Traceability Matrix (SCTM). Assist the Information Systems Security Manager (ISSM), Information System Security Officer (ISSO), and Contractor Program Security Officer (CPSO) in maintaining operational security posture to ensure information systems (IS), security policies, standards, and procedures are established and followed. Perform vulnerability/risk assessment analysis to support Assessment & Authorization (A&A), provide configuration management (CM) expertise for information system security software, hardware, and firmware, and facilitate the Change Control Board (CCB) meetings. The ISSE will lead the CUI compliance plan. The position is based at Michigan Tech Research Institute in Ann Arbor, MI ( Responsibilities Engineer cyber security solutions in support of multiple government sponsors. Perform and review technical security assessments of computing environments to identify points of vulnerability, non-compliance with established cybersecurity standards and regulations, and recommend mitigation strategies. Design and develop security designs for new or existing operational environments. Ensure that system designs support the incorporation of cyber security vulnerability solutions. Support and maintain existing Windows and Linux Desktop and Server infrastructure. Deploy new Desktops and Servers as needed. Support, maintain, and update computer systems. Assist the FSO and CPSO as required in support of the 32 CFR 117, and DoD 5205.07 volumes 1 - 4. Participate as part of the team charged with making MTRI NIST-800-171, DFARS Clause 252.204-7012, and CMMC compliant and maintaining compliance. Assist with the maintenance of COMSEC equipment. Accept ownership and responsibility responding to new and different requests. Apply safety-related knowledge, skills, and practices to everyday work. Commit to learning about continuous improvement strategies and applying them to everyday work. Actively engage in university continuous improvement initiatives. Other duties as assigned. Required Education, Certifications, Licensures Bachelor's degree in Computer Science or other computer related discipline or equivalent work experience. ISC2 Certified Information Systems Security Professional (CISSP) (or Associate) certified or ISC2 Certified in Cybersecurity. Security+ certification. JAMF certification. Required Experience 5 - 10 years of experience in computer/network support, administration, and Cybersecurity. 1 - 3 years of experience supporting NSA COMSEC programs. Experience with 32 CFR, Part 117, NISPOM and DoD 5205.07 Volume 1-4. Experience with Risk Management Framework (RMF), NIST SP 800-53, Security Technical Implementation Guides (STIGS) and Security Content Automation Protocol (SCAP) Compliance Checker. Required Knowledge, Skills, and/or Abilities Active TS/SCI Department of Defense security clearance. Excellent written/oral communication skills. Demonstrated organizational ability and attention to detail. Ability to take direction, but work without continuous oversight. Ability to exercise discretion and independent judgment with respect to significant matters related to job duties. Demonstrated commitment to contribute to a safe work environment. Required Training and Other Conditions of Employment Every employee at Michigan Technological University will receive the following 4 required trainings; additional training may be required by the department: Employee Safety Overview Annual Data Security Training Annual Title IX Training Offers of employment are contingent upon and not considered finalized until the required background check has been performed and the results received and assessed. Other Conditions of Employment: Please note that successful applicants are responsible for ensuring their eligibility to work in the United States (i.e. a citizen or national of the United States, a lawful permanent resident, a foreign national authorized to work in the United States without the need of an employer sponsorship) on or before the effective date of your appointment, and maintain eligibility without sponsorship throughout your appointment. Michigan Technological University is an Equal Opportunity Educational Institution/Equal Opportunity Employer that provides equal opportunity for all, including protected veterans and individuals with disabilities. FLSA Status: Exempt Negotiable Based on Experience Title of Position Supervisor: Information Systems Security Manager Posting Type: Internal and External Dependent on Funding: Yes To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. #J-18808-Ljbffr

Created: 2025-02-01