ISSE - Information Systems Security Engineer (Lead) at Steampunk

Posted in Other 6 days ago.

This job brought to you by America's Job Exchange

Type: Full Time
Location: Chantilly, Virginia





Job Description:

ISSE - Information Systems Security Engineer (Lead)

Job Location

US-VA-Chantilly

Job ID

2533

Clearance Requirement

Public Trust

Overview

Design. Disrupt. Repeat.
Be an agent of change on a team committed to achieving client-focused, mission-driven excellence. Steampunk is the explosive collision of human-centered design and traditional government contracting. We are an employee-owned company with a startup mindset and time-tested approaches tailored for the federal government. We're passionate about creating solutions that are impactful, practical, and scalable while meeting our clients' ever-changing needs. We believe in empowering our people to find creative solutions to intractable problems. We believe the best environment in which to grow and thrive is outside our comfort zone. We believe that while good design makes for a good product, human-centered design makes for an excellent one.

Why Steampunk?
Our people are the very core of what we do; their expertise and hunger for new and exciting challenges fuel our relentless pursuit of mission success. As part of our team, you'll test the status quo, explore new boundaries, and set the bar high for how government clients expect to engage with contractors.

Because we value our employees' work/life balance (and believe those who work hard deserve to play hard), we offer a very competitive benefits package, including telework/flex scheduling, health/dental with orthodontics/vision insurance upon hire, paid time off with a sell-back benefit and carryover option, 11 Federal Holidays, 100% paid military leave, 100% 401(k) plan match upon hire, professional development/education reimbursement, all flexible spending accounts, and more.

We believe effective teams are powered by diverse perspectives, backgrounds, and experiences. To that end, Steampunk is an equal opportunity employer committed to promoting diversity of race, gender, sexual orientation, religion, ethnicity, national origin, disability status, and protected veteran status, amongst our ranks. Additionally, we participate in the E-Verify program.

Contributions

Steampunk is looking for you to join our DOD team as a Information System Security Engineer. In this role you'll be working with other clients, contractors, and Steampunks to support mission critical systems. You'll be an imbedded team members with a system team and will be responsible for assisting and working with this team to identify cybersecurity threats to the sytem, making recommendations for corrective actions, and implementing solutions to keep mission critical systems safe and secure.

The successful candidate has IT experience with NIST 800-37,' Guide to Applying Risk Management Framework to Federal Information Systems,' NIST 800-53rev4 'Security and Privacy Controls for Federal Information Systems and Organizations,' NIST 800 160 'Systems Security Engineering Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems.' This candidate must be well versed in applicable laws and standards such as HIPPA and HITECH to implement secure applications, and networks. They must have familiarity and experience in the implementation of cyber security requirements to follow FISMA and FedRAMP guidelines.

Additional Details of the Role:
Security engineering team technical lead as the single point of contact with a federal customer
- Deep understanding of the RMF process and ability make recommendations and clearly articulate them to customers and security engineering teams for tasking
- Implement the Cyber Security requirements of IT systems and applications documenting them in formal security engineering documents using Risk Management Framework and supporting artifacts associated with risk assessments.
- Ability to perform security analysis to determine gap, compensating/mitigating controls, and residual risk
- Identify security risks through the security impact analysis, system risk assessments and technology security risk reports.
- Implement IT security solutions and assures successful implementation
- Apply knowledge of security principles, policy, and regulations to daily tasking
- Conduct security compliance evaluations on IT products using all source analysis, test lab, and apply test results to create secure configuration guidelines and baselines.
- Apply knowledge of security principles, policy, and regulations to daily tasking
- Effectively and efficiently communicate and collaborate with external and internal customers of any hardware and software configuration changes that adversely affect any current system security and their configurations or violates policy

Qualifications

Qualifications and Education Requirements
- Bachelor's Degree or higher in computer science, electronics engineering, or other engineering or technical discipline and eight (8) years of experience is required. An additional six (6) years' experience may be substituted for degree requirement.
- Excellent communication skills with executive leadership at a federal agency (GS-15 and above)
- Experience working with:
- Networking concepts, protocols and security methodologies
- NIST 800-53rev4, NIST 800-37; FISMA, and FedRAMP requirements
- Resource management principles and techniques to meet deliverables deadlines efficiently to provide quality products.
- DISA Security Requirements Guides (SRGs), Security Technical Implementation Guide (STIGs), and Center for Internet Security (CIS) Benchmarks
- Demonstrated experiencing managing and leading small technical teams
- Must have technical knowledge using network security scanners, SCAP scans, vulnerability scanners, packet analyzers, and penetration testing methods.
- One or a combination of the following experience in administration/engineering of operating systems, database systems, and network systems
- Risk Management Framework RMF
- Expert technical knowledge of risk management, and information security concepts and technologies
- Experience with Cyber Security document management and familiar with security and privacy rules
- Excellent analytical and problem-solving skills
- Ability to facilitate and coordinate efforts with key government and non-government stakeholders
- Self-starter that can work under general direction in a highly collaborative, team-based environment
- Ability to obtain and maintain a Public Trust clearance
- Previous Government contracting work experience
Preferred / Desired Skills:
- CISSP or ISSEP or CCSP

About steampunk


Steampunk is a Change Agent in the Federal contracting industry, bringing new thinking to clients in the Homeland, Federal Civilian, Health and DoD sectors. Through our Human-Centered delivery methodology, we are fundamentally changing the expectations our Federal clients have for true shared accountability in solving their toughest mission challenges. As an employee owned company, we focus on investing in our employees to enable them to do the greatest work of their careers - and rewarding them for outstanding contributions to our growth. If you want to learn more about our story, visit http://www.steampunk.com.

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Steampunk participates in the E-Verify program.

Need help finding the right job?

We can recommend jobs specifically for you!
Click here to get started.

.


Sponsors