Info System Security Engineer (Government) Job
Job Description Job Attributes+
COLUMBIA, MD, US
The Information Systems Security Engineer shall perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies.
- Validates and verifies system security requirements definitions and analysis and establishes system security designs
- Designs, develops, implements and/or integrates IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements
- Builds IA into systems deployed to operational environments.
- Supports the building of security architectures
- Enforce the design and implementation of trusted relations among external systems and architectures
- Assesses and mitigates system security threats/risks throughout the program life cycle.
- Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations
- Reviews certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content
- Applies the following to system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security testing
- Support security authorization activities in compliance with NSA/CSS Information System Certification and Accreditation Process (NISCAP) and DoD Information Assurance Certification and Accreditation Process (DIACAP) process, the NIST Risk Management Framework (RMF) process, and prescribed NSA/CSS business processes for security engineering
- Candidate may be required to respond to after-hours requests as required in a 24 x 7 environmentRequired Skills, Experience, and Education:
- Seven (7) years’ experience as an ISSE on programs and contracts of similar scope, type, and complexity within the Federal Government required
- Bachelor’s degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline from an accredited college or university is required
- Four (4) years of additional ISSE experience may be substituted for a bachelor’s degree
- DoD 8570 compliance with IASAE Level 2 is required
- CISSP is requiredRequired Clearance:
TS/SCI with Poly
AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V