Apply on Employer Site

TekSynap · 2 weeks ago

Information System Security Engineer (ISSE) - Senior

Huntsville, AL

Full-time

Onsite

Senior Level, Lead/Staff

8+ years exp

TekSynap is a fast-growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well planned information management environment. The Information System Security Engineer (ISSE) is responsible for identifying security risks, designing, developing, and integrating secure information systems, and ensuring that security requirements are embedded throughout the system lifecycle.

ComputerInformation ServicesInformation Technology

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Lead, mentor, and supervise a team of security professionals responsible for the end-to-end implementation of the RMF lifecycle for IT systems

Oversee and coordinate activities within the Prepare step, ensuring roles, responsibilities, and risk management strategies are clearly defined and maintained

Guide system categorization efforts to ensure all information systems are appropriately classified based on mission/business impact and regulatory requirements

Direct the selection, tailoring, and documentation of security controls aligned with system categorizations, risk appetite, and compliance requirements

Oversee the implementation of technical, operational, and management controls throughout system and application lifecycles, with a particular focus on quality and completeness of all deliverables

Ensure comprehensive security control assessments are planned, executed, and documented to validate the effectiveness of implemented safeguards

Prepare risk management documentation for system authorization and executive decision-making

Direct ongoing monitoring and continuous assessment activities, collecting metrics to adjust security strategies and ensure sustained compliance

Serve as a principal technical advisor on cybersecurity, bringing subject-matter expertise to risk analysis, incident response, system remediation, and audit support efforts

Foster a culture of security awareness, providing technical guidance and training to both team members and stakeholders

Track, report, and communicate status, risks, and improvement opportunities related to security engineering activities to leadership and stakeholders

Maintain up-to-date knowledge of RMF, NIST guidance, and industry best practices in support of continuous process improvement

Qualification

Security ClearanceTenable NessusIBM GuardiumHP WebInspectNMAPJCAMXactaCISSPGISPCASPCSSLPCISSP–ISSEPCISSP–ISSAPBachelor's in ITCybersecuritySoft Skills

Required

Must hold an active Top Secret clearance with the ability to obtain SCI

Familiarity with the use and operation of security tools, including but not limited to: Tenable Nessus and/or Security Center, IBM Guardium, HP WebInspect, Network Mapper (NMAP), Comparable security assessment and monitoring tools

Minimum of 8 years of relevant experience, or an equivalent combination of education and experience, such as: Doctorate plus 6 years of experience, Master's plus 6 years of experience, Associate's degree plus 10 years of experience, High school diploma or GED plus 14 years of experience

Preferred

Experience with Joint Cybersecurity Authorization Management (JCAM) and/or Xacta

One or more of the following certifications: Certified Information Systems Security Professional (CISSP), Global Information Security Professional (GISP), CompTIA Advanced Security Practitioner (CASP), Certified Secure Software Lifecycle Professional (CSSLP), CISSP–ISSEP (Information Systems Security Engineering Professional), CISSP–ISSAP (Information Systems Security Architecture Professional), Other certifications aligned with DoD Instruction 8570.1, IAM Level II

Bachelor's or advanced degree in Computer Science, Cybersecurity, or a related IT discipline