Koam Engineering Systems
Information Systems Security Specialist
Koam Engineering Systems, Corona, California, us, 92878
Koam Engineering Systems, Inc. (KES Inc.) is an employee-owned small business specializing in technology innovation and systems integration by combining innovative products and reliable engineering services. Headquartered in San Diego, California and with offices in Gig Harbor, WA and Chesapeake, VA. KES provides services globally in systems engineering & technical assistance, requirements analysis, software design & development, systems integration & testing, independent verification & validation, and operational & logistic support.
Position Summary:The Information Systems Security Specialist will plan, coordinate, and implement an organization's computer information security measures to safeguard information in computer files against accidental or unauthorized modification, destruction, or disclosure. Reviews violations of computer security procedures to eliminate violations.
Responsibilities:Conduct information assurance (IA) assessments based on the collection, analysis, and reporting of data in accordance with the appropriate security technology and government policy methods.Analyze assessments and implement an overall risk-based decision to effectively certify security controls and countermeasures and the overall security posture of Federal IT systems and programs, networks and infrastructures throughout information technology engineering lifecycles.Utilize enterprise Mission Assurance Support Service (eMASS), Xacta, or similar systems repositories for IA purposes. Assesses and mitigates technical security and operational risks specific to industrial control system enclaves and technologies.Identify, quantify, prioritize or rank vulnerabilities and assess potential hazards and ensure the proper documentation of risk to an Information System (IS).Responsible for periodic auditing of IA artifacts to ensure proper adherence to DoD Instruction, Navy requirements, and the NIST Special Publication 800 series standards and industry best practices.Support CT&E, including conducting security controls assessment procedures; Security Requirements and Implementation Guides (SRGs, and STIGs) assessment; and automated network and host-based assessment using tools from the Assured Compliance Assessment Solution (ACAS) suite as well as assessment using non-standard tools such as Network Mapper (Nmap) and Wireshark network protocol analyzer, within a time period defined by the CT&E test plan and by staying abreast of and following all applicable Department of Defense (DoD) and Department of Navy (DoN) scanning guidance.Support Engineering Change Proposals (ECPs) by reviewing requested modifications to system baseline, evaluating impact to design and writing necessary changes to the product specification to support new capability.
Education:Bachelor's Degree in an engineering, scientific, or technical discipline.
Requirements & Qualifications:
3 years' experience in DoD program management or engineering related field.Certified Information Systems Security Professional (CISSP) (or certified per the current revision of DOD 8570.01-M).7+ years of relevant experience in System Security Engineering (SSE) and System Security with DoD major platforms.Experience in SSE and System Security including Critical Program Information (CPI) analysis, protection solution development, integration, testing, V&V, and complete System Security life cycle.Experience in supporting SSE activities as described in DoD Acquisition guidelines.
Security Clearance:Must have an active Secret clearance
Since 1995, KES has continued to foster the entrepreneurial spirit of a growing small business that focuses on the needs of its customers and employees and serves to provide a rewarding and challenging career. KES offers a competitive salary and full range of benefits. KES, Inc. is an EEO/AA Employer committed to hiring and retaining a diverse workforce.
Position Summary:The Information Systems Security Specialist will plan, coordinate, and implement an organization's computer information security measures to safeguard information in computer files against accidental or unauthorized modification, destruction, or disclosure. Reviews violations of computer security procedures to eliminate violations.
Responsibilities:Conduct information assurance (IA) assessments based on the collection, analysis, and reporting of data in accordance with the appropriate security technology and government policy methods.Analyze assessments and implement an overall risk-based decision to effectively certify security controls and countermeasures and the overall security posture of Federal IT systems and programs, networks and infrastructures throughout information technology engineering lifecycles.Utilize enterprise Mission Assurance Support Service (eMASS), Xacta, or similar systems repositories for IA purposes. Assesses and mitigates technical security and operational risks specific to industrial control system enclaves and technologies.Identify, quantify, prioritize or rank vulnerabilities and assess potential hazards and ensure the proper documentation of risk to an Information System (IS).Responsible for periodic auditing of IA artifacts to ensure proper adherence to DoD Instruction, Navy requirements, and the NIST Special Publication 800 series standards and industry best practices.Support CT&E, including conducting security controls assessment procedures; Security Requirements and Implementation Guides (SRGs, and STIGs) assessment; and automated network and host-based assessment using tools from the Assured Compliance Assessment Solution (ACAS) suite as well as assessment using non-standard tools such as Network Mapper (Nmap) and Wireshark network protocol analyzer, within a time period defined by the CT&E test plan and by staying abreast of and following all applicable Department of Defense (DoD) and Department of Navy (DoN) scanning guidance.Support Engineering Change Proposals (ECPs) by reviewing requested modifications to system baseline, evaluating impact to design and writing necessary changes to the product specification to support new capability.
Education:Bachelor's Degree in an engineering, scientific, or technical discipline.
Requirements & Qualifications:
3 years' experience in DoD program management or engineering related field.Certified Information Systems Security Professional (CISSP) (or certified per the current revision of DOD 8570.01-M).7+ years of relevant experience in System Security Engineering (SSE) and System Security with DoD major platforms.Experience in SSE and System Security including Critical Program Information (CPI) analysis, protection solution development, integration, testing, V&V, and complete System Security life cycle.Experience in supporting SSE activities as described in DoD Acquisition guidelines.
Security Clearance:Must have an active Secret clearance
Since 1995, KES has continued to foster the entrepreneurial spirit of a growing small business that focuses on the needs of its customers and employees and serves to provide a rewarding and challenging career. KES offers a competitive salary and full range of benefits. KES, Inc. is an EEO/AA Employer committed to hiring and retaining a diverse workforce.