Mantis Security Corporation
Information System Security Engineer (ISSE) with Security Clearance
Mantis Security Corporation, Herndon, Virginia, United States, 22070
Job Description: Information Systems Security Engineer (ISSE)
Mantis Security is a leading specialty firm of high-caliber talent specializing in Cyber Operations, Cyber Defense, Information Assurance, Software Development, DevSecOps, Security Engineering, and Cloud Engineering. We focus on protecting our nation's critical IT assets and investing in our employees' long-term careers. We are seeking an experienced
Information Systems Security Engineer (ISSE)
to join our team. In this role, you will define security requirements and integrate them into information systems through purposeful security design. What You'll Be Doing:
Develop and implement security designs ensuring hardware, OS, and software applications meet cybersecurity requirements and Security Controls Traceability Matrix (SCTM). Identify vulnerabilities, non-compliance issues with IA standards, and recommend mitigation strategies. Implement and validate Security Technical Implementation Guide (STIG) requirements and perform SRG assessments. Develop and customize Splunk applications and dashboards. Create Security Test Procedures (STP), conduct self-assessments, and support A&A testing. Conduct risk analyses, review ACAS, CVEs, plugins, CWEs, and collaborate with System Administrators to mitigate vulnerabilities. Execute continuous monitoring, respond to data calls, scan requests, and generate security metrics reports. Ensure control implementations enforce data access and network flow restrictions aligned with monitoring strategies. Participate in Agile planning to provide technical input. Support government reporting and activities for IC and DoD authorities. Assist in security authorization activities following NIST RMF, CNSSI No 1243, and other policies. Help architects and developers implement security functionalities ensuring compliance with security policies and enterprise solutions. Apply security engineering expertise across various domains including system design, risk management, intrusion detection, and certification processes. Must Haves:
US Citizen 8+ years of relevant experience with a Bachelor's degree in Computer Science, Information Assurance, or related field (Master's may substitute 2 years of experience; 4 years of additional experience may substitute for a degree) DoD 8570 IASAE Level 3 compliance 3+ years scripting experience (Linux/RedHat, networking appliances) Active TS/SCI clearance with ability to obtain polygraph Information Systems Security Engineering Professional (ISSEP) and CISSP certifications Nice to Haves:
Experience with mitigation strategies and problem resolution Knowledge of DISA STIGs and SCAP tools Server administration and vulnerability management skills Experience extending security applications and automation Proficiency in scripting languages (Shell, Python, JavaScript, PowerShell) Ability to provide vulnerability and malware remediation guidance Experience analyzing vulnerabilities and implementing corrective actions We value our employees and offer a culture of innovation and growth, along with competitive benefits to support work-life balance. For more information, visit our website. #J-18808-Ljbffr
Mantis Security is a leading specialty firm of high-caliber talent specializing in Cyber Operations, Cyber Defense, Information Assurance, Software Development, DevSecOps, Security Engineering, and Cloud Engineering. We focus on protecting our nation's critical IT assets and investing in our employees' long-term careers. We are seeking an experienced
Information Systems Security Engineer (ISSE)
to join our team. In this role, you will define security requirements and integrate them into information systems through purposeful security design. What You'll Be Doing:
Develop and implement security designs ensuring hardware, OS, and software applications meet cybersecurity requirements and Security Controls Traceability Matrix (SCTM). Identify vulnerabilities, non-compliance issues with IA standards, and recommend mitigation strategies. Implement and validate Security Technical Implementation Guide (STIG) requirements and perform SRG assessments. Develop and customize Splunk applications and dashboards. Create Security Test Procedures (STP), conduct self-assessments, and support A&A testing. Conduct risk analyses, review ACAS, CVEs, plugins, CWEs, and collaborate with System Administrators to mitigate vulnerabilities. Execute continuous monitoring, respond to data calls, scan requests, and generate security metrics reports. Ensure control implementations enforce data access and network flow restrictions aligned with monitoring strategies. Participate in Agile planning to provide technical input. Support government reporting and activities for IC and DoD authorities. Assist in security authorization activities following NIST RMF, CNSSI No 1243, and other policies. Help architects and developers implement security functionalities ensuring compliance with security policies and enterprise solutions. Apply security engineering expertise across various domains including system design, risk management, intrusion detection, and certification processes. Must Haves:
US Citizen 8+ years of relevant experience with a Bachelor's degree in Computer Science, Information Assurance, or related field (Master's may substitute 2 years of experience; 4 years of additional experience may substitute for a degree) DoD 8570 IASAE Level 3 compliance 3+ years scripting experience (Linux/RedHat, networking appliances) Active TS/SCI clearance with ability to obtain polygraph Information Systems Security Engineering Professional (ISSEP) and CISSP certifications Nice to Haves:
Experience with mitigation strategies and problem resolution Knowledge of DISA STIGs and SCAP tools Server administration and vulnerability management skills Experience extending security applications and automation Proficiency in scripting languages (Shell, Python, JavaScript, PowerShell) Ability to provide vulnerability and malware remediation guidance Experience analyzing vulnerabilities and implementing corrective actions We value our employees and offer a culture of innovation and growth, along with competitive benefits to support work-life balance. For more information, visit our website. #J-18808-Ljbffr