Information System Security Engineer (ISSE) III - Hybrid jobs in United States
cer-icon
Apply on Employer Site
company-logo

Ishpi Information Technologies, Inc. (DBA ISHPI) · 3 months ago

Information System Security Engineer (ISSE) III - Hybrid

positionPhiladelphia, PA
timeFull-time
remoteHybrid
senioritySenior Level
date7+ years exp

Ishpi Information Technologies, Inc. (DBA ISHPI) is dedicated to providing technical solutions that meet their customers' business needs. The ISSE III will support the Naval Surface Warfare Command by providing cybersecurity support, including risk management framework processes, vulnerability management, and compliance audits.

Information TechnologySoftware
check
Comp. & BenefitsbadNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Assessment & Authorization (A&A)
Cybersecurity Compliance and Audit Readiness
Information Assurance Vulnerability Management (IAVM)
Vulnerability Scanning and Remediation
Application and Implementation of Security Technical Implementation Guides (STIGs) and Security Requirements Guide (SRGs)
Assist with the developing, maintaining, and tracking Risk Management Framework (RMF) system security plans which include System Categorization Forms, Platform Information Technology (PIT) Determination Checklists, Assess Only (AO) Determination Checklists, Implementation Plans, System Level Continuous Monitoring (SLCM) Strategies, System Level Policies, Hardware Lists, Software List, System Diagrams, Privacy Impact Assessments (PIA), and Plans of Action and Milestones (POA&M)
Execute the RMF process in support of obtaining and maintaining Interim Authority to Test (IATT), AO approval, Authorization to Operate (ATO), and Denial of Authorization to Operate (DATO)
Identify and tailor IT and CS security control baselines based on RMF guidelines and categorization of the RMF boundary
Perform Ports, Protocols, and Services Management (PPSM)
Perform IT and CS vulnerability-level risk assessments
Execute security control testing as required by a risk assessment or annual security review (ASR)
Mitigate and remediate IT and CS system level vulnerabilities for all assets withing the boundary per STIG requirements
Develop and maintain Plans of Actions and Milestones (POA&M) in Enterprise Mission Assurance Support Service (eMASS)
Develop and maintain system level IT and CS policies and procedures for respective RMF boundaries and/or guidance provided by the command ISSMs
Implement and assess STIG and SRGs
Perform and develop vulnerability assessments with automated tools such as Assured Compliance Assessment Solution (ACAS), Security Content Automation Protocol (SCAP) Compliance Check (SCC) and Evaluate STIG
Deploy security updates to Information System components
Perform routine audits of IT system hardware and software components
Maintain inventory of Information System components
Participate in IT change control and configuration management processes
Upload vulnerability data in Vulnerability Remediation Asset Manager (VRAM)
Image or re-image assets that are part of the assigned RMF boundary
Install software and troubleshoot software issues as necessary to support compliance of the RMF boundaries’ assets
Assist with removal of SSD, HDD or other critical components of assets before destruction and removal from the RMF boundary
Provide cybersecurity patching of assets in times of DoD and DoN TASKORDs, FRAGORDs, or even designated by Command ISSM, ACIO, and/or Code 104 management
Support configuration change documentation and control processes and maintaining DOD STIG Compliance
Support cyber compliance of assets that are part of an enterprise IT network to include Windows server and CISCO networking hardware. This includes assessing vulnerabilities, patching and meeting requirements of the STIG for the hardware
Report compliance issues of network hardware to management as not cause an operational of the network

Qualification

Cybersecurity ComplianceRisk Management Framework (RMF)Vulnerability ScanningSecurity Technical Implementation Guides (STIGs)Information Assurance Vulnerability Management (IAVM)Security Control TestingPlans of ActionsMilestones (POA&M)Assured Compliance Assessment Solution (ACAS)CISCO NetworkingTeam CollaborationProblem SolvingCommunication Skills

Required

Bachelor's degree in Computer science, Information Technology, or an equivalent technical degree from an accredited college or university
Seven (7) years professional experience capturing and refining information security operational and security requirements, and ensuring those requirements are properly addressed through purposeful architecting, design, development, and configuration; and implementing security controls, configuration changes, software/hardware updates/patches, vulnerability scanning, and securing configurations
Minimum Certification Requirement includes one of the following: CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH or CCSP
Requires U.S. Citizenship and an active government security clearance

Company

Ishpi Information Technologies, Inc. (DBA ISHPI)

twittertwitter
company-logo
ISHPI works in concert with other defenders of the Homeland to fortify national preparedness, agility, strength and advantage in the cyber domain – a readiness state we refer to as an Holistic CyberStance™.
dateFounded in 2006
location
Mt Pleasant, South Carolina, USA
people-size201-500 employees
web-link
http://www.ishpi.net

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Girish Seshagiri
Executive Vice President & CTO
linkedin
Company data provided by crunchbase