Apply on Employer Site

Modern Technology Solutions, Inc. (MTSI) · 21 hours ago

System Security Engineer - Senior

Patterson, OH

Full-time

Hybrid

Senior Level, Lead/Staff

8+ years exp

Modern Technology Solutions, Inc. (MTSI) is seeking a Senior System Security Engineer to serve as a technical expert in the Cybersecurity Assessment Program. The role involves developing security policies, performing security engineering tasks, and ensuring compliance with cybersecurity standards throughout the system lifecycle.

Information Technology

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Serve as technical expert to the Cybersecurity Assessment Program providing technical direction, interpretation and alternatives to complex problems

Develop procedures for implementation and validation to integrate effective security designs into system architectures

Perform information system security engineering tasks, ensuring that information security requirements are properly implemented throughout the processes of security architecture, design, development, configuration, and implementation

Develop, implement, and enforce information systems security policies ensuring system security requirements are addressed during all phases of the acquisition and Information System lifecycle

Review, analyze and validate system security designs within embedded avionics systems to validate security control and architecture implementations

Conduct certification and testing in accordance with the Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) policy; identify deficiencies and provide recommendations of risk mitigation to customer

Employ best practices when implementing security controls, including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques

Integrate/Develop new techniques to improve Confidentiality, Integrity, and Availability for networks/systems operating at various classification levels

Assist program managers, system engineers and cyber test engineers in conducting Mission Based Cyber Risk Assessments

Participate in program protection analyses for program and system information, CPI, and critical components. Coordinate with the Anti- Tamper Executive Agent and test team to define AT requirements are implemented into system designs· Identify points of vulnerability, non- compliance with established cybersecurity standards and regulations, and recommend mitigation strategies

Identify points of vulnerability, non-compliance with established cybersecurity standards and regulations, and recommend mitigation strategies

Apply knowledge of cybersecurity policy, procedures, and workforce structure to implement secure networking, computing, and enclave environments

Perform system or network designs that encompass multiple enclaves to include those with differing data protection/classification requirements

Work closely with customers and vendors to provide expert level consultation and technical services on all aspects of System Security Engineering

Respond to technical issues in a professional and timely manner

Qualification

Cybersecurity AssessmentNIST SP 800-53Secure Software DevelopmentSystems EngineeringModel Based Systems EngineeringRisk Management FrameworkSecurity Technical Implementation GuideAnalytical SkillsProblem-Solving SkillsCommunication SkillsTeam PlayerTime Management

Required

Minimum of Eight (8) years of experience working in a cybersecurity related field

Prior performance in roles such as ISSO, ISSM, ISSE/SSE or SCA

Experience conducting security control assessments and/or implementation using NIST SP 800-53, NIST 800-171, ICD 503 and JSIG

Must have the ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel and industry partners

Demonstrated experience in Systems Engineering writing systems level requirements, architectures, and designs

Knowledge and experience working in the Systems Engineering 'V' Lifecycle framework

Familiar with the Digital Engineering Environment including using Model Based Systems Engineering and Model Based Cyber Risk Assessment tools

Strong analytical and problem-solving skills

Ability to take the initiative to complete tasks with minimal supervision

Experience in Secure Software Development Lifecycle

Experience working on DISA Security Technical Implementation Guide (STIG) implementation across multiple operating systems and applications

Must be a team player and be able to work within all levels of a project team

Excellent time management, scheduling, and organizational skills

Ability to work well independently as well as follow detailed instructions for completing tasks

Demonstrated ability to complete tasks, drive projects to closure, assimilate and correlate project information in a fast-paced environment

Demonstrated ability to shift from one project to another in a dynamic, agile work environment

Excellent oral and written communication skills and ability to clearly translate client technical needs into technical specifications

Ability to communicate technical approaches and details within small project teams, including team interactions and presentations

Familiarity with security procedures while working in a SCIF/SAPF environment

BS degree from an accredited university including classes in Computer Science, Computer/Electronics/Electronics Engineering, Cybersecurity or related fields

Must meet position and certification requirements outlined in the DoDD 8570.01-M for Information Assurance Security Engineer (IASE) level 2

Possess an active Top Secret security clearance, based upon a Single Scope Background (SSBI/SBPR)

Must be eligible for Sensitive Compartmented Information (SCI) and Special Access Programs (SAP) access

Preferred

Experience with aircraft avionics, system engineering or aircraft maintenance

Prior work and experience working with aircraft, weapons or command & control systems

Experience with various Security Content Automation Protocol (SCAP) tools such as Assured Compliance Assessment Solution (ACAS) (Nessus) and SCAP Compliance Checker (SCC)

Experience using Security Incident and Event Management (SIEM) programs

Experience with performing Mission Based Cyber Risk Assessments including the MRAP-C, Cyber Table Top or Blue Book