Information Systems Security Engineer (ISSE) - Clearance Required
Tysons, VA, United States
Full Time Senior-level / Expert Clearance required USD 75K - 140K *
Logistics Management Institute
With a legacy of solving the government’s most complex challenges and an outcome-driven model to execute above expectation, LMI transforms missions with solutions that define the new speed of possible.Overview
LMI seeks a skilled Cybersecurity Information Systems Security Engineer (ISSE) to support activities related to shipyard modernization as part of enterprise-wide U.S. Navy strategic modernization and improvement efforts. LMI is helping NAVSUP, NAVSEA, and the shipyards use technology to track materiel through the shipyards to address long-standing problems.
LMI: Innovation at the Pace of Need™
At LMI, we’re reimagining the path from insight to outcome at the new speed of possible. Combining a legacy of over 60 years of federal expertise with our innovation ecosystem, we minimize time to value and accelerate mission success. We energize the brightest minds with emerging technologies to inspire creative solutioning and push the boundaries of capability. LMI advances the pace of progress, enabling our customers to thrive while adapting to evolving mission needs.
Responsibilities
- Define system security requirements in coordination with security stakeholders including system engineers, program managers, security control assessors, and authorizing officials.
- Ensure cybersecurity requirements are identified, allocated, implemented, verified, and continuously monitored throughout the system life cycle.
- Provide independent cybersecurity advice and guidance to government stakeholders and contractor team members.
- Participate in recurring cybersecurity working group meetings.
- Develop or review system security designs and architectures, including those for IoT or OT devices.
- Support Assessment and Authorization (A&A) cybersecurity reviews, identify gaps, and support risk management plans for cybersecurity personnel to execute.
- Support the Risk Management Framework (RMF) process for each product in the portfolio.
- Provide SME level cybersecurity engineering support and input to product leads and cybersecurity teams to produce authority to operate (ATO) packages and successfully achieve ATOs.
- Support interim authority to test (IATT), risk assessment /acceptance, and all other ATO related activities.
- Interpret security control noncompliance to determine the impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
- Work with product teams to identify controls, develop appropriate mitigations, and develop and track Program of Action and Milestone (POAM) documents to ensure that ATO packages are technically sound before submission to the program cyber staff for review.
- Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
- Advise system engineers on the best methods to remediate vulnerability findings through the use of security scanning tools and DoD / Industry best practices.
- Support cybersecurity engineering analysis of alternatives, tradeoffs, and risk treatment decisions.
- Work with interdisciplinary teams to deliver trustworthy and secure systems.
Qualifications
Required:
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field
- 5 years minimum of system and/or security engineering work performed in support of U.S. Government customers
- Experience reviewing and developing of RMF Assessment and Authorization (A&A) documentation, e.g., System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POAMs)
- Experience implementing DoDI 8510.01 Risk Management Framework for DoD
- DoD 8570 IASAE Level II baseline certification (CISSP, CCSP, etc.)
- Must possess and maintain a Secret Security Clearance
Desired:
- Knowledge of Cloud (i.e., Azure, Amazon C2S, Commercial and GovCloud) security planning, design, and operations.
- One or more years of experience with networking and network security
- Ability to explain complex cybersecurity issues to a diverse audience in layman's terms.
- Experience presenting verbal/written communications to Senior leadership including – Information Systems Security Engineer (ISSM), System Owners, Authorizing officials, and security leads.
- Experience with systems engineering lifecycle processes.
- Proven ability to balance priorities in a dynamic, mission-oriented environment.
- Experience with agile frameworks and Continuous Integration/Continuous Delivery (CI/CD) frameworks such as DevOps or DevSecOps.
- Experience with cloud cybersecurity implementations.
- DoD 8570 IASAE Level III certification, such CISSP-ISSAP or CISSP-ISSEP or ability to be certified at level III within 6 months of start.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Azure CCSP CI/CD CISSP Clearance Clearance Required Cloud Compliance Computer Science DevOps DevSecOps DoD DoDD 8570 ISSE Monitoring Network security Risk assessment Risk management RMF Security assessment Security Assessment Report Security Clearance System Security Plan
Perks/benefits: Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Sr. Security Engineer jobs
- Open Senior Network Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open DoD-related jobs