ISSE

Job Description

Primary Responsibilities: The ISSE shall perform, or review, technical security assessments of telecommunication and computing environments to identify points of vulnerability, non compliance with established standards and regulations and recommended mitigation strategies. This includes:

  • Validates and verifies system security requirements definitions and analysis and establishes system security design
  • Evaluates network design and performs network security assessments
  • Designs, develops, implements and or integrates IA and security systems and system components including those for telecommunication, networking, computing and enclave environment to include those with multiple enclaves and with differing data protection/classification requirements.
  • Assist architects and system developers in the identification and implementation of appropriate information security functionality to ensure uniform application of security policies to enterprise solutions
  • Enforces the design and implementation of trusted relations among external systems and architecture
  • Assesses and mitigates system security threat/risk throughout the program life cycle
  • Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations.
  • Reviews C&A documentation, providing feedback on completeness and compliance of its content
  • Applies system security engineering expertise in one or more of the following
    • System security design process
    • Engineering life cycle
    • Information domain
    • Cross domain solutions
    • COTS and GOTS cryptography
    • Systems integration
    • Risk management
    • Intrusion detection
    • Contingency planning
    • Incident handling
    • Configuration control
    • Change management
    • Auditing
    • C&A Process
    • Identification, authentication and authorization
    • Principles of IA (confidentiality, integrity, non-repudiation, availability, and access control)
    • Security testing
  • Shall have telecommunications engineering and transmission switching, experience in 2 or more of the following
    • High speed digital switching
    • Optical network technologies
    • SDH/SONET including protection schemes
    • ASON (auto switched optical network)
    • MPLS/GMPLS
    • Carrier Grade Ethernet
    • Telecommunications signaling protocols including: ISON, SDH/SONET
    • International Telecommunications Union (ITU) standards
  • Support security authorization activities in compliance with DoD information System Certification and Accreditation Processes and DoD Information Assurance Certification and Accreditation Process (DIACAP) process, the NIST Risk Management Framework (RMF) process and prescribed DoD business process for security engineering.

Qualifications:

Bachelors of Science Degree from an accredited university in Computer Science, Information Assurance, Information Security System Engineering or related field with a minimum of 14 years of experience as an ISSE on programs and or contracts with the Federal Government

CISSP or CISSP-ISSEP DoD approved 8570 baseline is a firm requirement.

  • Strong writing skills
  • Confidence and ability to present briefing to senior level DoD officials in both prepared briefings and or ad hoc discussions
  • Must possess knowledge, skills, abilities:
    • Network technology, network security assessments, and systems security engineering
    • Experience identifying, researching, characterizing, and documenting security weaknesses related to operating systems, software applications, firmware, network hardware components as well as network architecture design and documented policies and procedures.
    • Experience developing and documenting systems security requirements and conducting requirements gap analysis
  • Knowledge of and practical experience with the NIST 800 series, CNSSI 1253 and DoD 8500
  • Experience with network technologies and ability to demonstrate knowledge of network protocols, communications systems and architectures
  • Should have significant hands on experience implementing security and or network components: ie: routers, firewalls, IPS, IDS etc
  • Ability to work independently within a schedule and with little direction
  • TS/Sci with poly required.
Job Title
ISSE

City State
Columbia MD
Apply With