Information Systems Security Engineer III jobs in United States
info-icon
This job has closed.
company-logo

ARMADA, Ltd. ยท 2 months ago

Information Systems Security Engineer III

positionPhiladelphia, PA
timeFull-time
remoteOnsite
senioritySenior Level
date7+ years exp

ARMADA, Ltd. is seeking an Information Systems Security Engineer III to assist in developing and maintaining security plans and executing the Risk Management Framework (RMF) process. The role involves identifying security control baselines, performing vulnerability assessments, and ensuring compliance with security policies and procedures.

HardwareManufacturingMobile
check
Growth OpportunitiesbadNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

The Information Systems Security Engineer III (ISSE III) shall assist with the developing, maintaining, and tracking Risk Management Framework (RMF) system security plans which include System Categorization Forms, Platform Information Technology (PIT) Determination Checklists, Assess Only (AO) Determination Checklists, Implementation Plans, System Level Continuous Monitoring (SLCM) Strategies, System Level Policies, Hardware Lists, Software List, System Diagrams, Privacy Impact Assessments (PIA), and Plans of Action and Milestones (POA&M)
The Information Systems Security Engineer III shall execute the RMF process in support of obtaining and maintaining Interim Authority to Test (IATT), AO approval, Authorization to Operate (ATO), and Denial of Authorization to Operate (DATO)
The Information Systems Security Engineer III shall identify and tailor IT and CS security control baselines based on RMF guidelines and categorization of the RMF boundary
The ISSE III shall perform Ports, Protocols, and Services Management (PPSM)
The ISSE III shall perform IT and CS vulnerability-level risk assessments
The ISSE III shall execute security control testing as required by a risk assessment or annual security review (ASR)
The ISSE III shall mitigate and remediate IT and CS system level vulnerabilities for all assets within the boundary per STIG requirements
The ISSE III shall develop and maintain Plans of Actions and Milestones (POA&M) in Enterprise Mission Assurance Support Service (eMASS)
The ISSE III shall develop and maintain system level IT and CS policies and procedures for respective RMF boundaries and/or guidance provided by the command ISSMs
The ISSE III shall implement and assess STIG and SRGs
The ISSE III shall perform and develop vulnerability assessments with automated tools such as Assured Compliance Assessment Solution (ACAS), Security Content Automation Protocol (SCAP) Compliance Check (SCC) and Evaluate STIG
The ISSE III shall deploy security updates to Information System components
The ISSE III shall perform routine audits of IT system hardware and software components
The ISSE III shall maintain inventory of Information System components
The ISSE III shall participate in IT change control and configuration management processes
The ISSE III shall upload vulnerability data in Vulnerability Remediation Asset Manager (VRAM)
The ISSE III shall image or re-image assets that are part of the assigned RMF boundary
The ISSE III shall install software and troubleshoot software issues as necessary to support compliance of the RMF boundaries' assets
The ISSE III shall assist with removal of SSD, HDD or other critical components of assets before destruction and removal from the RMF boundary
The ISSE III shall provide cybersecurity patching of assets in times of DoD and DoN TASKORDs, FRAGORDs, or even designated by Command ISSM, ACIO, and/or Code 104 management
The ISSE III shall support configuration change documentation and control processes and maintaining DOD STIG Compliance
The ISSE III shall support cyber compliance of assets that are part of an enterprise IT network to include Windows server and CISCO networking hardware. This includes assessing vulnerabilities, patching and meeting requirements of the STIG for the hardware
The ISSE III shall report compliance issues of network hardware to management
Other duties as assigned

Qualification

Risk Management Framework (RMF)Information AssuranceVulnerability AssessmentsSTIG ComplianceIAT Level III CertificationCybersecurity PatchingConfiguration ManagementTeamworkCommunicationCustomer Focus

Required

Active Secret Security Clearance
Seven (7) years professional experience capturing and refining information security operational and security requirements
Bachelor's degree in computer science, information technology, or an equivalent technical degree from an accredited college or university
IAT Level III certification (CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH and CCSP)
Ability to work as a team member, communicate, perform office functions and use office tools, customer focused and deliver exceptional performance
Ability to develop and implement information assurance guidance and execute ISS functions with little to no supervision

Company

ARMADA, Ltd.

twittertwittertwitter
company-logo
ARMADA is a world-class provider of mitigation, prevention, preparedness, protection, response and recovery solutions.
dateFounded in 2014
location
Powell, Ohio, USA
people-size51-200 employees
web-link
http://www.armadausa.com

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Patrick North
Armada LTD Site Lead at U.S. Navy CENSECFOR Learning Site Mayport Florida
linkedin
Company data provided by crunchbase