Modern Technology Solutions Inc
Information Systems Security Engineer
Modern Technology Solutions Inc, Fort Meade, Maryland
Overview Modern Technology Solutions, Inc. (MTSI) is seeking multiple skill levels of Information Systems Security Engineers to join our team in the Ft Meade, Maryland area in support of a government organization essential to U.S. national security. An active TS/SCI security clearance with a polygraph is required . Why is MTSI known as a Great Place to Work? Interesting Work: Our co-workers support some of the most important and critical programs to our national defense and security. Values: Our first core value is that employees come first. We challenge our co-workers to provide the highest level of support and service, and reward them with some of the best benefits in the industry. 100% Employee Ownership: We have a stake in each other's success, and the success of our customers. It's also nice to know what's going on across the company; we have company wide town-hall meetings three times a year. Great Benefits - Most Full-Time Staff Are Eligible for: Starting PTO accrual of 20 days PTO/year 10 holidays/year Flexible schedules 6% 401k match with immediate vesting Semi-annual bonus eligibility (July and December) Company funded Employee Stock Ownership Plan (ESOP) - a separate qualified retirement account Up to $10,000 in annual tuition reimbursement Other company funded benefits, like life and disability insurance Optional zero deductible Blue Cross/Blue Shield health insurance plan Track Record of Success: We have grown every year since our founding in 1993 Modern Technology Solutions, Inc. (MTSI) is a 100% employee-owned engineering services and solutions company that provides high-demand technical expertise in Digital Transformation, Modeling and Simulation, Rapid Capability Development, Test and Evaluation, Artificial Intelligence, Autonomy, Cybersecurity and Mission Assurance. MTSI delivers capabilities to solve problems of global importance. Founded in 1993, MTSI today has employees at over 20 offices and field sites worldwide. For more information about MTSI, please visit www.mtsi-va.com. Responsibilities As an Information Systems Security Engineer with MTSI you will serve as the Program Office's information security professional and be responsible for conducting engineering activities that capture and refine requirements and ensure security is integrated into architecture designs. The ISSE works with System Engineering teams to incorporate cyber resiliency objectives, techniques, and design principles into all system engineering and development efforts throughout the systems development life cycle (SDLC). These positions can be located in the Ft Meade, Maryland in support of a government organization essential to U.S. national security, with travel up to 20%, as required by the Government. An active TS/SCI security clearance with a polygraph is required . Your essential job functions will include but will not be limited to: Serve as the Information Systems Security Officer (ISSE) providing technical input, recommendations, and assistance with the implementation of both higher and granular-level cyber security approaches, methods and solutions that incorporate and maintain compliance to requirements resulting from laws, regulations, and other pertinent guidance. Participation in acquisition meetings (PMR, PDR, CDR, etc.), concept of operation (CONOP) working groups, change boards, technical exchange meetings and other similar activities. Designing and developing security requirements that drive down risk while maintaining operational capability. Working between architecture-level and implementation-level engineering meetings to maintain a system-wide view of security functions and apply risk mitigation strategies at the appropriate level. Guiding and verifying defense contractors' work against program requirements and goals. This includes participating in technical discussions, trade studies and working groups, and conducting research on industry best practices for potential implementation. Interfacing with program managers to explain security requirements, risks and mitigations relative to their priorities of cost and schedule to ensure an acceptable risk tolerance. Evaluate newly identified threats and vulnerabilities to customer information systems to ascertain the need for additional safeguards and develop timely implementation strategies to reduce risk. Enforce the design and implementation of trusted relationships among external systems and architectures. Assess proposed changes to customer information systems, their operation environment, and mission needs for impacts to cybersecurity architectures and continued compliance with cybersecurity requirements. Provide inputs to development teams responsible for designing and developing organizational information systems and upgrading legacy systems. Employ best practices when implementing security requirements for information systems including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques. Keep abreast of current and new security technologies and threats to better support the customer in maintaining cybersecurity resilience. Identify integration issues related to the implementation of new systems within the existing infrastructure; recommend mitigation and/or resolution options as appropriate. Assist in the design of systems and networks that encompass multiple enclaves to include those with differing data protection/classification requirements. Qualifications 14 or 20 years of relevant work experience as an Information Systems Security Officer (ISSE) and/or technical experience in cybersecurity, information technology, or systems engineering. Able to demonstrate understanding of cybersecurity needs of systems at varied stages of the SDLC. Firm understanding of the DoD 8500.1-M, DoDM 5205.07, Volume 1, Joint SAP Implementation Guide (JSIG), National Institute of Standards and Technology (NIST) Special Publication 800-53, Intelligence Community Directive (ICD) Number 503. Excellent oral and written communication skills and ability to clearly translate client technical needs into technical specifications. Demonstrated ability to complete tasks, drive projects to closure, assimilate and correlate project information in a fast-paced environment. Demonstrated ability to assess and articulate risk, including to non-technical audiences. Ability to work well independently or as a team member. Qualifications Desired: Experience working on DISA Security Technical Implementation Guide (STIG) implementation. Experience working on-site in a government client environment. Familiarity with security procedures while working in a SCIF/SAPF environment. Cloud Security Implementation experience. Familiarity and experience with NSA requirements for COMSEC. Capable of applying system security engineering expertise to various client programs/processes (e.g., system security design process, engineering life cycle, information domain and cross domain solutions, identification/authentication/authorization of commercial off-the-shelf and government off-the-shelf software employment, system integration, risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, continuous monitoring, auditing, assessment and authorization, confidentiality, integrity, and availability. Education Requirements: 14 years experience with a Bachelor's degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline from an accredited college or university. 4 years of ISSE experience may be substituted for a bachelor's degree. 20 years of experience with a Master's degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline may be substituted for two (2) years of experience, reducing the requirement to eighteen (18) years of experience. 4 years of additional ISSE experience may be substituted for a bachelor's degree. Certifications Requirements : 14 years experience requires (DoD 8570 compliance with IASAE Level 2) CISSP Certification and (one or more of the following) CompTIA Security GSEC SSCP CCNA-Security 20 years experience requires (DoD 8570 compliance with IASAE Level 3) CISSP Certification Information Systems Security Engineering Professional (ISSEP) Clearance Requirements : Active TS/SCI clearance to start, with Full Scope Poly Eligibility. Active Full Scope Polygraph, (Desired). U.S. Citizenship is required for this position. Travel Requirements : Up to 20%, as required by the Government. For additional company information, please visit: www.mtsi-va.com LI-MH1 ISSE MTSIjobs MTSI LI-Onsite