Information Systems Security Engineer Job Listing at SPA in Huntsville, AL (Job ID 22816)

Description

Overview

Intrepid, an SPA Company, brings more than 20 years of experience supporting the Department of Defense and U.S. Government, consistently setting the standard for excellence in the federal marketplace. Committed to advancing the mission of the U.S. Warfighter, Intrepid leverages technological superiority to deliver innovative solutions across air, space, land, and sea domains. We are proud to foster a collaborative, dynamic work environment, offering competitive compensation and an industry-leading 401k contribution. Our team is built through merit and achievement, and we're always looking for the best and brightest to join us in our growth. We treat our people like family, we are mission-focused, and we give back! Join us today.

SPA has an immediate or near term need for an Information Systems Security Engineer. 

The candidate will be supporting a Cyber Compliance Team providing ISSM-Basic support for tactical systems. The person will be a key member of a team performing Hardware and Software Cybersecurity analysis along with key functions supporting the Risk Management Framework (RMF) Assessment and Authorization (A&A) process for data processing, test, and tactical systems. Candidate must be able to prioritize competing requirements for time and resources and be able to adjudicate resource requirements based on understanding of Government customer and mission needs.

Duties and Responsibilities will include:

• Provide accurate technical evaluations of the equipment, software applications, full systems, or network and documenting the security posture, capabilities, and vulnerabilities against applicable NIST controls.
• Selecting and assessing security controls, timely completion of accreditation packages, formulating and implementing mitigations and maintaining the security posture of systems.
• Must have experience with eMASS and initiating, updating, and maintaining RMF packages.
• Identify, assess, make risk mitigation recommendations, and document system security threats/risks throughout a system's lifecycle; validate system security requirements; formulate and maintain documentation and system certification and accreditation activities (planning, testing, assessing and coordinating).
• Ability to work with system developer to update, maintain, and track RMF and POA&M documentation.
• Documenting preliminary or residual security risks for system operation and manage and approve Authorization Packages.
• Monitoring and evaluating a system's compliance with Department of Defense (DoD) security, resilience, and dependability requirements including performing validation steps, comparing actual results with expected results, and analyzing the differences to identify impacts and risks at the software application, system, and network levels.
• Work with teams to provide solutions and to ensure continued functionality of systems within DoD RMF Framework.

Required Qualifications:

• Associate degree (Engineering, IT or Cyber-related field)

• Meet DoDD 8140 ISSM-Basic certification, education, and experience compliance

• 3+ years of experience with implementing and evaluating DoD STIG requirements, NIST RMF, IAVMs and Cybersecurity assessment tools (ACAS, Nessus, SCC, STIG Viewer)

• Knowledge of the Risk Management Framework (RMF) process and NIST security controls

• Knowledge of information system architecture and standards as they apply to cyber security

• Knowledge of NIST SP 800-160, Systems Security Engineering

• U.S. Citizen

• Must possess and maintain a US Secret security clearance

Desired Qualifications: 

• Bachelor's Degree (Engineering, IT or Cyber-related field)

• Top Secret, SCI eligible, security clearance is a plus

• Strong desire to contribute to overall team success

• Excellent written and oral communication skills

• High degree of proficiency in MS Office Suite

Required Qualifications:

• Associate degree (Engineering, IT or Cyber-related field)

• Meet DoDD 8140 ISSM-Basic certification, education, and experience compliance

• 3+ years of experience with implementing and evaluating DoD STIG requirements, NIST RMF, IAVMs and Cybersecurity assessment tools (ACAS, Nessus, SCC, STIG Viewer)

• Knowledge of the Risk Management Framework (RMF) process and NIST security controls

• Knowledge of information system architecture and standards as they apply to cyber security

• Knowledge of NIST SP 800-160, Systems Security Engineering

• U.S. Citizen

• Must possess and maintain a US Secret security clearance

Desired Qualifications: 

• Bachelor's Degree (Engineering, IT or Cyber-related field)

• Top Secret, SCI eligible, security clearance is a plus

• Strong desire to contribute to overall team success

• Excellent written and oral communication skills

• High degree of proficiency in MS Office Suite

The candidate will be supporting a Cyber Compliance Team providing ISSM-Basic support for tactical systems. The person will be a key member of a team performing Hardware and Software Cybersecurity analysis along with key functions supporting the Risk Management Framework (RMF) Assessment and Authorization (A&A) process for data processing, test, and tactical systems. Candidate must be able to prioritize competing requirements for time and resources and be able to adjudicate resource requirements based on understanding of Government customer and mission needs.

Duties and Responsibilities will include:

• Provide accurate technical evaluations of the equipment, software applications, full systems, or network and documenting the security posture, capabilities, and vulnerabilities against applicable NIST controls.
• Selecting and assessing security controls, timely completion of accreditation packages, formulating and implementing mitigations and maintaining the security posture of systems.
• Must have experience with eMASS and initiating, updating, and maintaining RMF packages.
• Identify, assess, make risk mitigation recommendations, and document system security threats/risks throughout a system's lifecycle; validate system security requirements; formulate and maintain documentation and system certification and accreditation activities (planning, testing, assessing and coordinating).
• Ability to work with system developer to update, maintain, and track RMF and POA&M documentation.
• Documenting preliminary or residual security risks for system operation and manage and approve Authorization Packages.
• Monitoring and evaluating a system's compliance with Department of Defense (DoD) security, resilience, and dependability requirements including performing validation steps, comparing actual results with expected results, and analyzing the differences to identify impacts and risks at the software application, system, and network levels.
• Work with teams to provide solutions and to ensure continued functionality of systems within DoD RMF Framework.