System Security EngineerModern Technology Solutions Inc • Michigan, North Dakota, United States
Cette offre d'emploi n'est plus disponible
System Security Engineer
Modern Technology Solutions Inc
- Michigan, North Dakota, United States
- Michigan, North Dakota, United States
À propos
- Serve as technical expert to the Cybersecurity Assessment Program providing technical direction, interpretation and alternatives to complex problems.
- Develop procedures for implementation and validation to integrate effective security designs into system architectures.
- Perform information system security engineering tasks, ensuring that information security requirements are properly implemented throughout the processes of security architecture, design, development, configuration, and implementation.
- Develop, implement, and enforce information systems security policies ensuring system security requirements are addressed during all phases of the acquisition and Information System lifecycle
- Review, analyze and validate system security designs within embedded avionics systems to validate security control and architecture implementations
- Conduct certification and testing in accordance with the Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) policy; identify deficiencies and provide recommendations of risk mitigation to customer.
- Employ best practices when implementing security controls, including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques
- Integrate/Develop new techniques to improve Confidentiality, Integrity, and Availability for networks/systems operating at various classification levels
- Assist program managers, system engineers and cyber test engineers in conducting Mission Based Cyber Risk Assessments
- Participate in program protection analyses for program and system information, CPI, and critical components. Coordinate with the Anti- Tamper Executive Agent and test team to define AT requirements are implemented into system designs· Identify points of vulnerability, non- compliance with established cybersecurity standards and regulations, and recommend mitigation strategies
- Identify points of vulnerability, non-compliance with established cybersecurity standards and regulations, and recommend mitigation strategies
- Apply knowledge of cybersecurity policy, procedures, and workforce structure to implement secure networking, computing, and enclave environments
- Perform system or network designs that encompass multiple enclaves to include those with differing data protection/classification requirements
- Work closely with customers and vendors to provide expert level consultation and technical services on all aspects of System Security Engineering.
- Respond to technical issues in a professional and timely manner.
Qualifications Required:
- Minimum of Eight (8) years of experience working in a cybersecurity related field
- Prior performance in roles such as ISSO, ISSM, ISSE/SSE or SCA
- Experience conducting security control assessments and/or implementation using NIST SP 800-53, NIST , ICD 503 and JSIG
- Must have the ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel and industry partners
- Demonstrated experience in Systems Engineering writing systems level requirements, architectures, and designs
- Knowledge and experience working in the Systems Engineering "V" Lifecycle framework
- Familiar with the Digital Engineering Environment including using Model Based Systems Engineering and Model Based Cyber Risk Assessment tools
- Strong analytical and problem-solving skills
- Ability to take the initiative to complete tasks with minimal supervision
- Experience in Secure Software Development Lifecycle
- Experience working on DISA Security Technical Implementation Guide (STIG) implementation across multiple operating systems and applications
- Must be a team player and be able to work within all levels of a project team
- Excellent time management, scheduling, and organizational skills
- Ability to work well independently as well as follow detailed instructions for completing tasks
- Demonstrated ability to complete tasks, drive projects to closure, assimilate and correlate project information in a fast-paced environment
- Demonstrated ability to shift from one project to another in a dynamic, agile work environment
- Excellent oral and written communication skills and ability to clearly translate client technical needs into technical specifications
- Ability to communicate technical approaches and details within small project teams, including team interactions and presentations
- Familiarity with security procedures while working in a SCIF/SAPF environment
Desired Skills & Experience:
- Experience with aircraft avionics, system engineering or aircraft maintenance
- Prior work and experience working with aircraft, weapons or command & control systems
- Experience with various Security Content Automation Protocol (SCAP) tools such as Assured Compliance Assessment Solution (ACAS) (Nessus) and SCAP Compliance Checker (SCC)
- Experience using Security Incident and Event Management (SIEM) programs
- Experience with performing Mission Based Cyber Risk Assessments including the MRAP-C, Cyber Table Top or Blue Book
Education:
- BS degree from an accredited university including classes in Computer Science, Computer/Electronics/Electronics Engineering, Cybersecurity or related fields
- Must meet position and certification requirements outlined in the DoDD M for Information Assurance Security Engineer (IASE) level 2
Clearance Requirements:
- Possess an active Top Secret security clearance, based upon a Single Scope Background (SSBI/SBPR).
- Must be eligible for Sensitive Compartmented Information (SCI) and Special Access Programs (SAP) access.
Travel:
- 20% anticipated travel, but could vary
#MTSI #LI-MS1
Compétences linguistiques
- English
Avis aux utilisateurs
Cette offre a été publiée par l’un de nos partenaires. Vous pouvez consulter l’offre originale ici.