Join our team as an Information Systems Security Engineer in Chantilly, Virginia, where you will design, develop, and implement secure information systems, collaborating with architects and developers to integrate robust security measures into systems.
Requirements
- Perform and review technical security assessments to identify vulnerabilities and ensure compliance with information assurance (IA) standards and regulations.
- Validate and verify system security requirements, establish system security designs, and integrate system security capabilities for various environments.
- Build cybersecurity into systems deployed to operational environments, ensuring uniform application of security policies and enterprise solutions.
- Assess and mitigate system security threats and risks throughout the program life cycle, contributing to security planning, assessment, risk analysis, and risk management.
- Apply system security engineering expertise in areas such as system security design, life cycle, risk management, and security testing, using industry system security engineering methodologies.
- Enforce the design and implementation of trusted relations among external systems and architectures and manage changes to systems while assessing security impact.
- Propose, coordinate, implement, and enforce information systems security policies, standards, and methodologies.
- Maintain the operational security posture for information systems to ensure policies, standards, and procedures are established and followed.
- Manage security aspects of information systems and perform daily security operations.
- Evaluate security solutions to ensure they meet requirements for processing classified information and perform vulnerability/risk assessments to support certification and accreditation.
- Provide configuration management for information system security software, hardware, and firmware, and manage changes to systems, assessing their security impact.
- Prepare and review security documentation, including System Security Plans (SSPs) and Assessment and Authorization packages.
- Manage and coordinate security authorization activities in accordance with Government regulations, Department of Defense and National Institute of Standards and Technology Risk Management Framework and standards, and customer-specific information security policies, processes, and procedures.
Benefits
- Competitive salary
- Benefits package
- Opportunities for professional growth and development
