TMC TECHNOLOGIES
Senior Information Systems Security Engineer (ISSE)
TMC TECHNOLOGIES, Huntsville, Alabama, United States, 35824
TMC Technologies is in search of a Senior Information Systems Security Engineer to support our federal client located in Pocatello, Idaho. The candidate must be a
US citizen
and possess an
active Top Secret clearance
to start due to federal contract requirements. The candidate will be responsible for verifying compliance with Federal Information Security Management Act (FISMA), National Institute of Standards and Technology (NIST), DISA Security Technical Implementation Guide (STIG), Federal Information Processing Standards (FIPS), National Information Processing Standards (NIPS), and other regulatory security compliance articles associated with data center infrastructure and platform design, deployment, testing, certification, patching, addressing or mitigating computer security issues, for all infrastructure and system components.
Duties of the Senior Information Systems Security Engineer include:
Responsible for the secure design, analysis, and test of information security systems and products.
Serve as the subject matter expert (SME) for data center system environments and performs standard project tasks to analyze IT security compliance requirements, translate those into security designs, implements these designs, and tests effectiveness.
Functionally serve as a SME with working knowledge of information security products including firewalls, monitoring and intrusion detection systems, anti-virus systems, vulnerability testing, and security analysis tools.
Create and update security test plans for detecting and mitigating risk to information systems. Engineer and perform tests and test plans to satisfy audits and provide solutions for mitigating information systems findings or risks.
Evaluate, improve, and maintain the information security throughout the infrastructure.
Monitor and correct information system issues and create recovery processes for failures and vulnerabilities and track vulnerabilities until they are resolved or mitigated to the satisfaction of the government Accrediting Authority (AO).
Proactively ensure the highest levels of systems and infrastructure availability.
Monitor and test application performance for potential bottlenecks, identify possible solutions, and work with engineers to implement those fixes.
Maintain security, compliance, and reduce risk strategies for information systems. Work with other security entities for certification and accreditation and authority to operate for new platforms or services to include cloud services and platforms.
Write and maintain custom scripts to increase system efficiency and lower the human intervention time on any tasks, such as automated scanning of systems and auditing, and data spill cleanups.
Participate in the design of information and operational support systems.
Configure scanning tools to function without impacting the users or the system.
Configure and support TLS and PKI encrypted connections.
Provide 4th level support.
Liaise with vendors and other IT personnel for problem resolution.
Ensure technical documentation exists for all systems and is kept up to date to include system security plans, business impact analyses, continuity of operations plans, mitigations, authorized software lists, authorized hardware lists, and elevated user access list and roles.
Ensure technical documentation exists for all systems and is kept up to date to include inventory and patch levels of all systems to include hostnames, property numbers, IP addresses, enclave, number of cores, number of processors, admin passwords, certificates, and service accounts on a monthly interval.
Provide real-time alerts and dashboard information on security performance and availability.
Document system configurations to include passwords, access controls, version number, and revision numbers, patch levels, and inventory to include hostnames, TCP/IP addresses, number of processors, and number of cores, memory, and license keys.
Continually transition knowledge to the government staff through training and assistance on how to use the technology using industry best practices.
Write Engineering Documents as requested, including the Business Impact Analysis (BIA) and the Information System Contingency Plan (ISCP).
Interface with other security teams within the FBI and its partners and consult to ensure deliverables meet all security requirements.
Implement and monitor security measures for the protection of computer systems, networks, and information.
Identify and define system security requirements.
Design computer security architecture and develop detailed security designs.
Prepare and document standard operating procedures and protocols.
Configure and troubleshoot security infrastructure devices.
Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
Report any security issues or incidents to management and provide a detailed explanation in both oral and written form.
Produce comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement.
Minimum Requirements:Active Top Secret clearance required.Bachelor's degree preferred.Minimum of Certified Information Systems Security Professional (CISSP) with an emphasis in security assessment and testing, and operations is required.Minimum 7 years of relevant experience is required.
#J-18808-Ljbffr
US citizen
and possess an
active Top Secret clearance
to start due to federal contract requirements. The candidate will be responsible for verifying compliance with Federal Information Security Management Act (FISMA), National Institute of Standards and Technology (NIST), DISA Security Technical Implementation Guide (STIG), Federal Information Processing Standards (FIPS), National Information Processing Standards (NIPS), and other regulatory security compliance articles associated with data center infrastructure and platform design, deployment, testing, certification, patching, addressing or mitigating computer security issues, for all infrastructure and system components.
Duties of the Senior Information Systems Security Engineer include:
Responsible for the secure design, analysis, and test of information security systems and products.
Serve as the subject matter expert (SME) for data center system environments and performs standard project tasks to analyze IT security compliance requirements, translate those into security designs, implements these designs, and tests effectiveness.
Functionally serve as a SME with working knowledge of information security products including firewalls, monitoring and intrusion detection systems, anti-virus systems, vulnerability testing, and security analysis tools.
Create and update security test plans for detecting and mitigating risk to information systems. Engineer and perform tests and test plans to satisfy audits and provide solutions for mitigating information systems findings or risks.
Evaluate, improve, and maintain the information security throughout the infrastructure.
Monitor and correct information system issues and create recovery processes for failures and vulnerabilities and track vulnerabilities until they are resolved or mitigated to the satisfaction of the government Accrediting Authority (AO).
Proactively ensure the highest levels of systems and infrastructure availability.
Monitor and test application performance for potential bottlenecks, identify possible solutions, and work with engineers to implement those fixes.
Maintain security, compliance, and reduce risk strategies for information systems. Work with other security entities for certification and accreditation and authority to operate for new platforms or services to include cloud services and platforms.
Write and maintain custom scripts to increase system efficiency and lower the human intervention time on any tasks, such as automated scanning of systems and auditing, and data spill cleanups.
Participate in the design of information and operational support systems.
Configure scanning tools to function without impacting the users or the system.
Configure and support TLS and PKI encrypted connections.
Provide 4th level support.
Liaise with vendors and other IT personnel for problem resolution.
Ensure technical documentation exists for all systems and is kept up to date to include system security plans, business impact analyses, continuity of operations plans, mitigations, authorized software lists, authorized hardware lists, and elevated user access list and roles.
Ensure technical documentation exists for all systems and is kept up to date to include inventory and patch levels of all systems to include hostnames, property numbers, IP addresses, enclave, number of cores, number of processors, admin passwords, certificates, and service accounts on a monthly interval.
Provide real-time alerts and dashboard information on security performance and availability.
Document system configurations to include passwords, access controls, version number, and revision numbers, patch levels, and inventory to include hostnames, TCP/IP addresses, number of processors, and number of cores, memory, and license keys.
Continually transition knowledge to the government staff through training and assistance on how to use the technology using industry best practices.
Write Engineering Documents as requested, including the Business Impact Analysis (BIA) and the Information System Contingency Plan (ISCP).
Interface with other security teams within the FBI and its partners and consult to ensure deliverables meet all security requirements.
Implement and monitor security measures for the protection of computer systems, networks, and information.
Identify and define system security requirements.
Design computer security architecture and develop detailed security designs.
Prepare and document standard operating procedures and protocols.
Configure and troubleshoot security infrastructure devices.
Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
Report any security issues or incidents to management and provide a detailed explanation in both oral and written form.
Produce comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement.
Minimum Requirements:Active Top Secret clearance required.Bachelor's degree preferred.Minimum of Certified Information Systems Security Professional (CISSP) with an emphasis in security assessment and testing, and operations is required.Minimum 7 years of relevant experience is required.
#J-18808-Ljbffr