Information Systems Security Engineer (ISSE) Technical Specialist

  • Perspecta
  • Fairfax, VA, USA
  • Nov 09, 2020
[Information Technology]

Job Description

Business Group Highlights Defense The Defense group supports the Department of Defense (DoD) mission to keep our homeland and its citizens safe. We provide solutions to improve the Nation's defense by providing software, systems engineering, IT, training and logistics and fleet management solutions. Responsibilities The selected Cybersecurity Engineer will support a new program at Perspecta, focused on development of a new Space Domain architecture. The two information technology (IT) systems under cybersecurity assessment are the space segment(s) and the IT system that includes the ground entry points, the communications network and the operations center facility and infrastructure. The ISSO will provided support to the customer's ISSM and lead a team of Cyber Security Engineers to: Implement the Risk Management Framework per DoD Instruction 8510.01; Allocate functional and performance requirements from the system level to the subsystem and component level in a manner that ensures cybersecurity is an inherent attribute of the design; Document interfaces with SDA and external programs such that there is alignment between adjacent programs cybersecurity pedigrees and risk postures; Maintain awareness of cybersecurity vulnerabilities in commercial or Government software; Monitor the allocation of cybersecurity provisions, including reporting requirements, to Subcontractors in a manner that sufficiently protects Government program information; Meet cybersecurity related duties on classified Information Systems as outlined in DoD Manual 5200.01, Volume 3. Support also includes develop and demonstrate a cybersecurity risk management plan adhering to National Institute of Standards and Technology Special Publication (NIST SP) 800-37, Risk Management Framework for Information Systems and Organizations: A System Live Cycle Approach for Security and Privacy; Demonstrate cyberspace defenses on all development systems to include continuous monitoring capability, unauthorized penetration and exploitation testing; as well as lexicon and workflow as specified in NIST SP 800-137, Information Security Continuous Monitoring; Provide a cybersecurity monitoring and testing capability in accordance with DoDI 8560.01, Communications Security Monitoring and Information Assurance; Provide for vulnerability mitigation, incident response, and reporting capabilities to limit damage and restore effective service following an incident. General Description: Provides feedback to design engineers and evaluates end-to-end systems and systems-oriented products through their entire life cycle. Working as expert, conducts research and evaluates technical performance of software products and overall segments and systems. Ensures products and systems comply with requirements and government information assurance and cyber security standards and practices through formal verification methods. Verifies/validates systems with specific emphasis on network operations and cyber warfare tactics, techniques, and procedures focused on the threat to information networks. Assesses performance using evaluation criteria and technical performance measures. Prepares assessments and cyber threat profiles of current and planned products based on sophisticated testing, research, and analysis. Participates in design reviews of components (hardware and software) to ensure applicability to the current system and traceability of requirements. Reviews test plans/procedures and ensures they verify/validate the requirements. Develops and maintains analytical procedures to meet changing requirements. Produces high-quality papers, presentations, recommendations, and findings for senior US government intelligence and operations officials. Qualifications Required: 10 to 12 years with BS/BA or 8 to 10 years with MS/MA or 5 to 7 years with PhD. Current U.S. Government Top Secret clearance Bachelors of Science Degree in Science, Technology, Engineering or Mathematics (STEM) or an advanced IA certification DoD 8570 certification in IAT or IAM Experience in security systems engineering involving various computer hardware and software operation systems and application solutions in both stand-alone and LAN/WAN configurations Experience with security features and/or vulnerability of various operating systems as defined by NIST, DISA (STIGs), and USCYBERCOM Experience with networks and systems security administration, operation systems security configuration and account management best practices Experience implementing RMF Process and NIST 800-53 technical controls, as well as developing and maintaining associated certification and accreditation documentation Desired: Self-starter requiring limited direction and supervision Experience briefing senior customer personnel Ability to organize and prioritize numerous customer requests in a fast pace deadline driven environment Familiarity with Amazon Web Services (AWS) Familiarity with customer's IA processes About Perspecta What matters to our nation, is what matters to us. At Perspecta, everything we do, from conducting innovative research to cultivating strong relationships, supports one imperative: ensuring that your work succeeds. Our company was formed to bring a broad array of capabilities to all parts of the public sectorfrom investigative services and IT strategy to systems work and next-generation engineering. Our promise is simple: never stop solving our nations most complex challenges. And with a workforce of approximately 14,000, more than 48 percent of which is cleared, we have been trusted to do just that, as a partner of choice across the entire sector. Perspecta is an AA/EEO Employer - Minorities/Women/Veterans/Disabled and other protected categories. As a government contractor, Perspecta abides by the following provision Pay Transparency Nondiscrimination Provision The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of the other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractors legal duty to furnish information. 41 CFR 60-1.35(c).
Associated topics: attack, cybersecurity, forensic, information security, information technology security, security, security analyst, threat, violation, vulnerability