Allen Integrated Solutions LLC
Information System Security Engineer (ISSE)-Level 3, OS&CI
Allen Integrated Solutions LLC, Aurora, Colorado, United States, 80012
Information System Security Engineer (ISSE) Level 3
Clearance Required:
TS/SCI
with Current CI Poly
Location: Aurora, CO -
100% onsite
Minimum Years Experience:
5 years
Overall Assignment Description:
In this role you will ensure cybersecurity requirements are identified, allocated, implemented, verified and continuously monitored throughout the system life cycle.
What You'll Be Doing:Define system security requirements in coordination with security stakeholders including system engineers, program managers, security control assessors, and authorizing officials.Ensure cybersecurity requirements are identified, allocated, implemented, verified and continuously monitored throughout the system life cycle.Coordinate RMF processing with program, developer and authorizing stakeholders to achieve ATOs.Provide independent cybersecurity advice and guidance to government stakeholders.Develop or review system security designs and architectures.Advise system engineers on best methods to remediate vulnerability findings through the use of security scanning toolsSupport engineering analysis of alternatives, tradeoffs, and risk treatment decisionsDevelop cybersecurity documentation in support of customer Risk Management Framework (RMF) process; in accordance with NIST SP 800-37 Rev 2.Work with interdisciplinary teams to deliver trustworthy and secure systems.What Required Skills You'll Bring:
5 years minimum of system and/or security engineering work performed in support of U.S. Government customers subject to Intelligence Community Directive (ICD) 503.(ISC)2 Certified Information System Security Professional (CISSP) or Certified Cloud Security Professional (CCSP) certification.Review and development of RMF Assessment and Authorization (A&A) documentation, e.g. System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POAMs).Proven ability to balance priorities in a dynamic, mission-oriented environment.Strong initiative and communication skills.What Desired Skills You'll Bring:
Experience implementing NIST SP 800-53 Revision 4 security requirements and NIST SP 800-53A security assessment procedures.Knowledge of Cloud (i.e. Azure, Amazon C2S, Commercial and GovCloud) security planning, design, and operations.Ability to explain complex cybersecurity issues to a diverse audience in layman's termsEngineering work performed in national security mission environments.Experience implementing or assessing cybersecurity solutions using technologies such as:Nessus, WebInspect, Splunk, Open SCAPMicrosoft Windows, Server, Active DirectoryRedHat Linux; CentOS,Virtualization Platforms: Hyper-V, VMwareVDI (Desktop), CitrixNetwork engineering/design of LANs, WANs, MANs, including underlying routing protocols, and implementation. (TCP/IP, BGP, OSPF)Knowledge of Cross Domain Solutions (CDSs).Experience presenting verbal/written communications to Senior leadership including ISSMs, System Owners, Authorizing officials, security directorsExperience with systems engineering lifecycle processesExperience as an advisor the Government ISSM on ATO extensions, body of evidence reviewsParticipating in RFC/CCB reviews as voting member for Government customer programsExperience guiding systems through the RMF approval process per NIST-800-37.
Clearance Required:
TS/SCI
with Current CI Poly
Location: Aurora, CO -
100% onsite
Minimum Years Experience:
5 years
Overall Assignment Description:
In this role you will ensure cybersecurity requirements are identified, allocated, implemented, verified and continuously monitored throughout the system life cycle.
What You'll Be Doing:Define system security requirements in coordination with security stakeholders including system engineers, program managers, security control assessors, and authorizing officials.Ensure cybersecurity requirements are identified, allocated, implemented, verified and continuously monitored throughout the system life cycle.Coordinate RMF processing with program, developer and authorizing stakeholders to achieve ATOs.Provide independent cybersecurity advice and guidance to government stakeholders.Develop or review system security designs and architectures.Advise system engineers on best methods to remediate vulnerability findings through the use of security scanning toolsSupport engineering analysis of alternatives, tradeoffs, and risk treatment decisionsDevelop cybersecurity documentation in support of customer Risk Management Framework (RMF) process; in accordance with NIST SP 800-37 Rev 2.Work with interdisciplinary teams to deliver trustworthy and secure systems.What Required Skills You'll Bring:
5 years minimum of system and/or security engineering work performed in support of U.S. Government customers subject to Intelligence Community Directive (ICD) 503.(ISC)2 Certified Information System Security Professional (CISSP) or Certified Cloud Security Professional (CCSP) certification.Review and development of RMF Assessment and Authorization (A&A) documentation, e.g. System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POAMs).Proven ability to balance priorities in a dynamic, mission-oriented environment.Strong initiative and communication skills.What Desired Skills You'll Bring:
Experience implementing NIST SP 800-53 Revision 4 security requirements and NIST SP 800-53A security assessment procedures.Knowledge of Cloud (i.e. Azure, Amazon C2S, Commercial and GovCloud) security planning, design, and operations.Ability to explain complex cybersecurity issues to a diverse audience in layman's termsEngineering work performed in national security mission environments.Experience implementing or assessing cybersecurity solutions using technologies such as:Nessus, WebInspect, Splunk, Open SCAPMicrosoft Windows, Server, Active DirectoryRedHat Linux; CentOS,Virtualization Platforms: Hyper-V, VMwareVDI (Desktop), CitrixNetwork engineering/design of LANs, WANs, MANs, including underlying routing protocols, and implementation. (TCP/IP, BGP, OSPF)Knowledge of Cross Domain Solutions (CDSs).Experience presenting verbal/written communications to Senior leadership including ISSMs, System Owners, Authorizing officials, security directorsExperience with systems engineering lifecycle processesExperience as an advisor the Government ISSM on ATO extensions, body of evidence reviewsParticipating in RFC/CCB reviews as voting member for Government customer programsExperience guiding systems through the RMF approval process per NIST-800-37.