Apply on Employer Site

UICGS / Bowhead Family of Companies · 1 day ago

ISSO/Systems Security Engineer

Dahlgren, VA

Full-time

Onsite

Mid, Senior Level

5+ years exp

UICGS / Bowhead Family of Companies is seeking a skilled full-time ISSO/Systems Security Engineer to join their team in Dahlgren, VA. The ideal candidate will ensure compliance of all Information Systems with relevant security guidance and will be responsible for developing security procedures, identifying vulnerabilities, and maintaining documentation for accreditation.

Information Technology & Services

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Provide technical assistance to the Government in assuring compliance with all policies, guidance, and recommendations stipulated and promulgated by the NSWCDD ISSM

Recommend and develop draft IA and system security procedures and practices, in accordance with the NSWCDD Information Assurance and Compliance Office standards and administer approved procedures and practices

Identify security vulnerabilities and recommend corrective security measures for network access points

Working knowledge in Risk Assessment (RA), Risk Management Framework (RMF) which outlines the 6 Steps to Risk Management Process for Federal Information Systems in order to assist the business areas in completion of the Business Impact Analysis, and subsequent creation of Security Documentations like System Security Plan (SSP), Security Assessment Report (SAR) and Plans of Action and Milestones (POA&M)

RMF Review, validate, and maintain Assessment & Authorization (A&A) documentation, accreditation records for NSWCDD RDT&E classified and unclassified IT and network systems for the NSWCDD IAM

Ensure RMF packages are updated and accredited during the regular three-year Authority to Operate (ATO) cycles

Experience with NIST 800 SPs to include but not limited to NIST SPs 800-37, 800-53 & 53A, 800-60, FIPS (199 & 200)

Develop PDS Approval Request packages for new PDSs and update PDS Daily Inspection Procedures

Developing a variety of IA related documentation, to include but not be limited to, Platform Information Technology (PIT) designation requests, PIT Risk Assessment requests

Systems Security Engineer will create Plan of Actions and Milestones (POA&M) and Standard Operating Procedures (SOPs)

Ability to analyze Security Technical Implementation Guides (STIGs), Security Content Automation Protocol (SCAP) and Assured Compliance Assessment Solution (ACAS) scanning results

Ability to assess technical and non-technical security controls to determine compliance

Qualification

DoDD 8140 IAM Level II CertificationRisk Management Framework (RMF)NIST 800 SPsUNIX system administrationWindows system administrationSecurity Technical Implementation Guides (STIGs)Assured Compliance Assessment Solution (ACAS)Communication skillsInterpersonal skills

Required

High School Diploma required. Bachelors Degree preferred

A minimum of to five (5) years of experience in systems design, development and integration preferred

Must meet DoDD 8140 IAM Level II Certification

Knowledgeable with DoD security and IA requirements as outlined in DoDI 8500.2 and the Defense Information Systems Agency (DISA) Security Technical Implementation Guidelines (STIG)

Must have knowledge of basic to advanced UNIX and Windows system administration as well as current knowledge of DoD Ports, Protocols, and Services (PPS), Public Key Infrastructure (PKI), and DoD Information Assurance Vulnerability Management (IAVM) policies and standards

Strong oral and written communication skills