Information Systems Security Engineer (ISSE) - SME - USAF CWMS

Founded in 2002 and headquartered in Washington DC, Federated IT is dedicated to enhancing national security We leverage our extensive experience and technical expertise to deliver tailored solutions to federal customers. We offer robust, leading-edge information technology and cybersecurity solutions Our project portfolio includes the customization and delivery of optimized cloud computing, data center operations and migration, enterprise architecture, scientific research and analyses, and cyber security solutions. We serve the DoD, the IC, Federal Law Enforcement, and select federal civilian customers worldwide. Federated IT offers a productive, and collaborative work environment and competitive compensation packages including medical and dental insurance, paid time off (15-days) and holidays, tuition reimbursement, 401K, short and long-term disability, HSA/FSA, employee life insurance, and more.


Our Core Principles:  We value our PEOPLE, their integrity, their skills, and their professionalism - they enhance our reputation and ensure the success of our company. We value our position of trust with our clients --we strive to increase it in all interactions. We strive to provide the highest quality products and services at competitive prices; we constantly seek "best value" solutions for our clients.

Summary:


The Information Systems Security Engineer (ISSE) will directly support the Secretary of the Air Force (SAF) / Office of Competition (OC) Mission Partner Capabilities Office (MPCO) also known as SAF/CDMX Directorate. The Mission Partner Capabilities Office provides design, configuration, accreditation and implementation of mission and R&D information management systems and cloud-based solutions that support defense and intelligence priorities as well as internal business processes and mission functions, network communications, database management, security accreditation, and workflow management. The ISSE will design and implement secure system architectures to protect SAF/OC information systems from cyber threats. The ISSE will work closely with ISSMs, ISSOs, and IT teams to integrate security controls and ensure compliance with RMF, NIST 800-53, and DoD security standards.


Essential Duties and Responsibilites:

The ISSE is responsible for designing, implementing, and maintaining security controls to protect the organization's information systems in accordance with Department of Defense (DoD) requirements. This role involves collaborating with various stakeholders to ensure that security measures are effectively integrated into the system development lifecycle (SDLC) and that compliance with relevant regulations is achieved. This is a unique hands-on technical role in such that the ISSE is responsible for compliance-based cybersecurity engineering to include but not limited to cybersecurity engineering and generation of body of evidence requirements per DoD Risk Management Framework (RMF). Additionally, the ISSE shall provide management and professional support, assistance, advice, to support the efficient and effective management and operation of the organization, activities, or systems specifically related to cybersecurity in all phases of RMF. This role will be the technical component supporting the ISSM. Per PWS section 1.3.9, Cybersecurity Support, specific tasks and responsibilities include but are not limited to:

Specific responsibilities include but are not limited to:

  • Provide expertise and recommendations in applying security requirements to complex combatant command projects, identifying gaps, and while integrating new technologies.
  • Develop secure system architectures and hardening solutions.
  • Conduct vulnerability assessments, security testing, and continuous monitoring.
  • Implement security controls per RMF and NIST guidelines.
  • Support risk assessments and incident response efforts.
  • Ensure security policies and best practices are integrated into system design.
  • Develop strategies to address potential solutions to complex problems.
  • Develop and document requirements from project inception to conclusion.
  • Provide strategic advice, technical guidance, and expertise to program and project staff.
  • Apply security controls and all technical mechanisms required by DoD RMF/Joint Special Access Program Implementation Guide (JSIG)/and Intelligence Community (IC) Directives and building security assessment procedures and evidence for assessment by Authorizing Officials of body of evidence.
  • Engineering, administration, and configuration of Nessus scans and policies, Trellix/McAfee back end and policies, Splunk and Elastic SIEM administration, engineering, and query languages (SPL, SQL, or ES/QL) for analysis.
  • Apply STIGs, and various security mechanisms within Windows, Linux, and AWS cloud consoles.
  • Identify and analyze information system vulnerabilities and compliance issues.
  • Administration of AWS cloud console and cybersecurity mechanisms, and STIG/SCAP compliance checker.
  • Execute incident response as necessary
  • Provide detailed analysis, evaluation, and recommendations for improvements, optimization, and/or maintenance efforts for specified mission-critical challenges/issues as related to system vulnerabilities and remediation.
  • Coordinate cross-functional teams through meetings and progress measuring activities.
  • Participate in project performance review meetings and discussions.
  • Support a cross-functional teams with cybersecurity support.

Required Qualifications, Education, and Experience:

  • Clearance: TS/SCI Eligible / SAP Eligible
  • Education: MA/MS in Cybersecurity, Computer Science or related field (or BS in a related field plus an additional 4 years of related work experience)
  • A minimum of fifteen (15) years of related work experience in information security, and of those years, at least ten (10) years of experience supporting a component of the Department of Defense (DoD) or Intelligence Community (IC).
  • DoD 8570.01-M IAT Level III technical certification (such as CISSP, CASP, or other level 3 technical certification) is required
  • Cloud Service Provider Associate Certification (AWS, Azure, Oracle, or Google)
  • Excellent oral, written, and interpersonal communication skills.
  • Expertise in building bodies of evidence and assessment and authorization packages/activities within DoD and IC environments, specifically Special Access Programs.
  • The ability to work under pressure and meet deadlines in a rapidly changing and demanding environment.
  • Strong attention to detail, flexibility, and the ability to context switch.
  • Expert in multiple domains of Information Technology, including cloud, cybersecurity, networking, and others.
  • Expert in two or more of the following domains: vulnerability analysis and vulnerability management, SIEM operations and defensive cyber operations, system hardening and cyber tool engineering.
  • Cybersecurity engineering is related to the RMF lifecycle, security control enforcement, body of evidence creation, and continuous monitoring, assessment, and authorization processes.
  • Operating in overlapping security control and overlay environments (CNSSI 1253, Executive Order 12333, Intelligence, JSIG, etc.).
  • Experience in overlapping domains at multiple classifications, including vulnerability analysis, SIEM operations, cyber network defense, cyber operations, malware analysis, information systems security management, or engineering.
  • Proficiency with Xacta or eMASS.
  • Experience with DoD Joint Special Access Program Implementation Guide (JSIG), AF Cyber policies, NIST SP 800 Series, and CNSSI 1253 security controls and overlays.
  • Experience operating in cloud cybersecurity and shared responsibility models, networking, and/or data experience is required.

Desired Qualifications, Education, and Experience:

  • Experience with DEVSECOPS, containerization, and zero-trust architectures (preferred)
  • Splunk or Elastic Certifications (preferred)
  • Experience with Department of Defense (DoD) Special Access Program (SAP) administrative processes (preferred)

The Successful Candidate will Possess:

  • Prospective candidates should have strong risk management skills, excellent communication, teamwork, and conflict management skills.
  • The candidate must be analytical and effectively able to prioritize needs, requirements, and other issues.
  • Ability to communicate and interact effectively at all levels of staff and management.
  • Ability to exercise independent judgment, develop relationships, and obtain consensus among interested parties.
  • Critical thinker with strong technical skills, diagnostic skills and problem-solving ability
  • Solid written and verbal communication skills to negotiate direction, drive projects and projects to successful conclusion and deliver knowledge to team members verbally and via clear designs, runbooks and technical engineering and exchange sessions
  • Self-starter, flexible, adaptable, collaborative and motivated to champion continuous improvement
  • Ability to develop peer networks across an enterprise to maintain technology awareness and to support resolution of problems
  • Ability to operate across traditional technical boundaries, comfortable working in the compute space as well as the storage space in an operational capacity
  • Technically curious and driven to learn new skills.

General Factors:

  • Depending on project requirements, may be required to work within a compressed schedule; overtime should be expected when schedules demand it.
  • Willing to travel, if needed.
  • No Relocation.

USAF

Fairfax, VA

Share on:

Terms of servicePrivacyCookiesPowered by Rippling