Information System Security Engineer

Salary: $100k - $145k/yr.

Employment Type: Permanent

Location: Tampa, FL

Industry: Department of Defense

Clearance: Ability to Obtain

Hard Requirements: CISSP or CASP+ Certification

Required Qualifications:

B.S. degree in Computer Science, Computer Engineering, Information Technology, Electrical Engineering, or other technical equivalents.

Five years of directly related experience in the implementation of DOD security requirements and contractor/government information security.

At least one of DoD 8570.01-M Information Assurance Management (IAM) Level II Approved Baseline Certification (CAP, CASP+CE, CISM, CISSP (or Associate), GSLC, or CCISO.)

Experience with NIST Special Pamphlet (SP) 800-37 Guide for Applying the Risk Management Framework, NIST SP 800-53 Rev. 5 Security and Privacy Controls for Federal Information Systems and Organizations.

Experience documenting compliance/non-compliance of security controls in the Enterprise Mission Assurance Support Service (eMASS)

Ability to write System Security Plans (SSP) including classified portions, acceptable to Authorizing Official and compliant with all applicable DOD Directives and Instructions.

Incumbent must hold current or be eligible for DOD Personnel Security Clearance at the Top Secret level.

Thorough knowledge and experience with the NISPOM, DOD security-related instructions and directives, and specific services security-related regulations required.

Extensive experience with hardware/software platforms including MS Windows, Linux, and UNIX.

Military service or military environment familiarity, customs/protocol experience preferred.

Responsibilities:

Responsible for DoD collateral information systems as ISSE. Design, write, and audit procedures for compliance with handling, marking, access, auditing, and logging actions as specified in NISPOM and the System Security Plan (SSP) for DSS-accredited systems.

Prepare, maintain, and implement SSPs, under ISSM oversight, for government approval.

Establishes proactive reporting system for non-compliance, intrusion, or abuse of information security procedures within classified areas and investigates and recommends corrective actions for violations to the ISSO and FSO.

Conduct scheduled inspections of systems/facilities that process classified information.

Maintain and audit all logs and records associated with classified operation procedures.

Audit security logs, reports, daily system audits, security logs, and authentication features to assure security-relevant actions are properly implemented and executed.

Originate, deliver, and document security briefings to program personnel to include each user signing acknowledgment of responsibility for the security of IS classified operations.

Brief and document annual active user ID revalidation and IS Configuration Management

Evaluate program proposed changes or additions to IS and advice ISSM of relevance.

Provide guidance and expertise to proposal managers to define requirements for applications, installations, and program architecture for information security systems to develop Contract Data Requirements Lists for classified contract efforts.

Perform and document annual risk assessments to determine if additional countermeasures are required.

Provide guidance on all DOD Mission Assurance Categories and confidentiality levels.

Responsible for collateral material marking, shipping, inventory, and safeguarding.

Obtain and maintain an Authorization To Operate (ATO) for software and hardware systems connecting to NIPRNet and SIPRNet.

EOE/ADA

#clearance

#LI-SRG