Create a Job Alert.

Enter your email below to save this search and receive job recommendations for similar positions.
Thank you. We'll send jobs matching these to
You already suscribed to this job alert.
No Thanks
US
What job do you want?
Apply to this job.
Think you're the perfect candidate?
Apply Now

You’re being taken to an external site to apply.

Enter your email below to receive job recommendations for similar positions.
Information System Security Engineer (NMMES) at Imagine One Technology

Information System Security Engineer (NMMES)

Imagine One Technology Norfolk, VA Full-Time
Apply Now
Job Title:         Information System Security Engineer (ISSE)
 
Job Code:       13603286  
   
Job Location:  Norfolk, Virginia

This job istemporarily remote" due to COVID-19 pandemic, but will transition to a non-remote job after the pandemic stay-at-home orders have been lifted.  Interviews and orientations will be conducted remotely.  

Imagine One is seeking an Information System Security Engineer (ISSE) to provide full life cycle support for the development, delivery and sustainment of the Assessment and Authorization (A&A) Navy Risk Management Framework (RMF) life cycle, ensuring systems receive and maintain authorization. The ISSE will provide independent assessments, reviews and implementation guidance for Department of Defense (DoD) and Department of the Navy (DON) acquisition, financial and Information Technology (IT) policies, laws and regulations.

The successful candidate will develop authorization packages, including System Categorization Statements, Network Diagrams, Data Flows, Ports, Protocols and Services Management (PPSM), External Connections, System Risk Assessments and System Security Plans, supporting documentation and Memorandum for the Record based on DON “use case” requirements.  In addition, the ISSE will evaluate and assess compliance with established Cybersecurity (IA) policies and regulations, collaborate directly with the assigned validator defining mitigation strategies, evaluating DISA Security Technical Implementation Guides (STIG)/Security Requirements Guides (SRG) and checklist, engage with government staff, security personnel and NAVSEA stakeholders, development teams to communicate A&A requirements, understand system security, architecture and document IA posture for DON authorization/reauthorization and continuous authorization lifecycle requirements.

Required Qualifications:
  • A bachelor degree in in Science, Technology, Engineering, or Mathematics (or equivalent);
  • Current recognized Cybersecurity certification with continuing education requirements and 3-5 years’ experience. 
  • Minimum compliance with DoD Manual 8570.01M (or equivalent) Cyber Information Technology/Cybersecurity Workforce IAM Level II is required. 

Working knowledge and experience in: 
  • Skills and abilities of Intermediate Level position
  • Ability to communicate clearly and succinctly in written and oral presentations
  • Technical writing ability
  • Understanding of computer security and DoD Information Assessment & Authorization policies, DoD information security policies, relevant federal and private standards, requirements, Defense Information Systems Agency (DISA), National Institute of Standards (NIST) policies, Committee for National Security Systems (CNSS) policies, DoD/DON Communications Task Orders (CTO’s, TASKORD’s), and DoD Cybersecurity Vulnerability Messages (IAVM’s)
  • DoD STIGs and SRGs, the DISA STIG Explorer and the use of STIG/SRG Applicability Guide and Collection Tool (SCAP Tool) results.  Conversant with how to obtain the latest STIGs/SRGs, how to create STIG/SRG checklists and import SCAP Tool results to STIG/SRG Checklists, assess and document the automated and manual assessment results of SCAP Tool, requirements and how to document the results in the STIG/SRG checklists, draft proposed mitigations for non-compliant results, and develop POA&Ms to resolve the non-compliant results
  • Vulnerability analysis of information systems and identify, report, and resolve non-compliant cybersecurity controls
  • Ability to recommend Cybersecurity solutions and controls to support requirements.
  • Cybersecurity compliance and secure cyber posture with respect to availability, integrity, confidentiality, and authentication
  • Assessment and Authorization (A&A) packages
  • Development of authorization artifact documentation to include engineering documentation, network drawings, and related documentation as required by authorization standards
  • Configuration Management support

Desired Qualifications:
  • Knowledgeable in areas concerning Navy Risk Management Framework (RMF) lifecycle Information Cybersecurity requirements and Information System Assessment and Authorization (A&A)
  • Experience with Department of Navy Authorizing Official (NAO) requirements, DON RMF specific templates, requirements, documentation, guidelines and procedures.
  • Familiar with the DoD Information Technology Portfolio Repository-Navy (DITPR-DON)/DON Application and Database Management System (DADMS) and the requirements for their use
  • Fully Qualified Navy Validator (FQNV) or Navy Qualified Validator (NQV) certification
  • Experience with any of the following technologies: Platform Information Technology (PIT), Cloud Computing, Information System Virtualization, etc.
  • Assured Compliance Assessment Solution (ACAS), DoD Host Base Security System (HBSS) and DON Vulnerability Remediation Asset Manager (VRAM)
  • Experience with Enterprise Mission Assurance Support Service (eMASS)
  • Experience with Risk Management Framework (RMF) authorization packages
  • Knowledge of cybersecurity implementation of Sarbanes-Oxley, Health Insurance Portability and Accountability Act of 1996 (HIPAA), and/or Clinger-Cohen Act requirements a plus
 
U.S. Citizenship and a Current Secret clearance is required
  
Imagine One offers a full package of benefits and competitive salary, excellent group medical, vision and dental programs. 401K savings plan; $4K annual tuition reimbursement ($5K if pursuing Master’s degree); employee training, development and education programs; profit sharing; advancement opportunities; and much more! 

Imagine One is a Woman/Employee-Owned Business

ISO 9001:2015, ISO 20000-1:2011, ISO 27001:2013
CMMI Development Level 3

Imagine One Technology & Management, Ltd., is an Equal Opportunity/Affirmative Action Employer.  Protected veterans and individuals with disabilities encouraged to apply
 
 

 

Recommended skills

Risk Analysis
Information Systems
Mitigation
Vulnerability
Information Technology
Technical Writings
Get job alerts by email. Sign up now! Join Our Talent Network!

Job Snapshot

Employee Type

Full-Time

Location

Norfolk, VA

Job Type

Information Technology

Experience

Not Specified

Date Posted

01/30/2021

Job ID

13603286
Apply to this job.
Think you're the perfect candidate?
Apply Now