LMI Consulting, LLC
Information Systems Security Engineer (ISSE) - Clearance Required
LMI Consulting, LLC, Arlington, Virginia, United States, 22201
Overview
Information Systems Security Engineer (ISSE) - Clearance Required Overview: LMI is seeking an Information Systems Security Engineer (ISSE) to provide cybersecurity Risk Management Framework (RMF) Authority to Operate (ATO) support. This position requires an active TS/SCI with CI poly. Responsibilities
Define system security requirements in coordination with security stakeholders including system engineers, program managers, security control assessors, and Authorizing Officials (or their delegates). Ensure cybersecurity requirements are identified, allocated, implemented, verified, and continuously monitored throughout the system life cycle. Provide independent cybersecurity advice and guidance to government stakeholders and contractor team members. Participate in recurring cybersecurity working group meetings. Develop or review system security designs and architectures, including those for cloud, on-prem or hybrid. Support Assessment and Authorization (A&A) cybersecurity reviews, identify gaps, and support risk management plans and execution. Support the Risk Management Framework (RMF) process for each product in the portfolio at all classification levels, including implementation of STIGs. Provide SME-level cybersecurity engineering support and input to product leads and cybersecurity teams to produce and maintain Authority to Operate (ATO) packages and successfully achieve/maintain ATOs. Support Interim Authority to Test (IATT), risk assessment/acceptance, and/or other ATO-related activities. Identify and interpret security control non-compliance to determine risk impact and overall effectiveness of the enterprise's cybersecurity program. Work with ISSM and product teams to identify controls, develop mitigations, and track POAM documents to ensure ATO packages are technically sound before submission for review. Advise system engineers on remediation of vulnerability findings using security scanning tools and best practices. Support cybersecurity engineering analysis of alternatives, tradeoffs, and risk treatment decisions. Collaborate with interdisciplinary teams to deliver trustworthy and secure systems. Qualifications
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field. 8 years minimum of system and/or security engineering work performed in support of U.S. Government customers. Experience with space systems. Experience authoring and maintaining RMF A&A documentation (e.g., System Security Plans, Security Assessment Reports, and Plans of Action and Milestones). Knowledge of ICD 503 and the Government certification and accreditation process. Knowledge of client/server architecture, web hosting, web content servers, policy servers, directory servers, firewalls, WAN/LAN architectures, switches, and routers. Technical experience configuring and supporting Windows, Linux, Unix, and MacOS. Technical experience configuring and supporting VMware, Xen, Hyper-V. Understanding of virtualization platforms and technologies. Experience integrating GOTS and COTS software systems. Ability to explain complex cybersecurity issues to diverse audiences in layman's terms. Must possess and maintain a TS/SCI Security Clearance with Polygraph. Must possess and maintain one of the following credentials: CISSP, CISM, or CCSP. Desired Qualifications Experience with batch scripting/python. Experience with Cloud security planning, design, and operations (Azure, AWS GovCloud, etc.). Experience implementing DoD RMF (DoDI 8510.01). AWS Certified Security Specialty and/or AWS Certified Solutions Architect Professional. Target salary range: $109,242 - $189,108 Disclaimer:
The salary range displayed represents the typical salary range for this position and is not a guarantee of compensation. Final compensation is determined by factors including location, internal equity, business considerations, client contract requirements, and candidate qualifications (education, experience, skills, and certifications). Equal Opportunity
LMI is an Equal Opportunity Employer. LMI provides applicants and employees with equal employment opportunities regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, pregnancy, disability, age, protected veteran status, citizenship status, genetic information, or any other characteristic protected by applicable law. If you are a person with a disability needing assistance with the application process, please contact accommodations@lmi.org. #J-18808-Ljbffr
Information Systems Security Engineer (ISSE) - Clearance Required Overview: LMI is seeking an Information Systems Security Engineer (ISSE) to provide cybersecurity Risk Management Framework (RMF) Authority to Operate (ATO) support. This position requires an active TS/SCI with CI poly. Responsibilities
Define system security requirements in coordination with security stakeholders including system engineers, program managers, security control assessors, and Authorizing Officials (or their delegates). Ensure cybersecurity requirements are identified, allocated, implemented, verified, and continuously monitored throughout the system life cycle. Provide independent cybersecurity advice and guidance to government stakeholders and contractor team members. Participate in recurring cybersecurity working group meetings. Develop or review system security designs and architectures, including those for cloud, on-prem or hybrid. Support Assessment and Authorization (A&A) cybersecurity reviews, identify gaps, and support risk management plans and execution. Support the Risk Management Framework (RMF) process for each product in the portfolio at all classification levels, including implementation of STIGs. Provide SME-level cybersecurity engineering support and input to product leads and cybersecurity teams to produce and maintain Authority to Operate (ATO) packages and successfully achieve/maintain ATOs. Support Interim Authority to Test (IATT), risk assessment/acceptance, and/or other ATO-related activities. Identify and interpret security control non-compliance to determine risk impact and overall effectiveness of the enterprise's cybersecurity program. Work with ISSM and product teams to identify controls, develop mitigations, and track POAM documents to ensure ATO packages are technically sound before submission for review. Advise system engineers on remediation of vulnerability findings using security scanning tools and best practices. Support cybersecurity engineering analysis of alternatives, tradeoffs, and risk treatment decisions. Collaborate with interdisciplinary teams to deliver trustworthy and secure systems. Qualifications
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field. 8 years minimum of system and/or security engineering work performed in support of U.S. Government customers. Experience with space systems. Experience authoring and maintaining RMF A&A documentation (e.g., System Security Plans, Security Assessment Reports, and Plans of Action and Milestones). Knowledge of ICD 503 and the Government certification and accreditation process. Knowledge of client/server architecture, web hosting, web content servers, policy servers, directory servers, firewalls, WAN/LAN architectures, switches, and routers. Technical experience configuring and supporting Windows, Linux, Unix, and MacOS. Technical experience configuring and supporting VMware, Xen, Hyper-V. Understanding of virtualization platforms and technologies. Experience integrating GOTS and COTS software systems. Ability to explain complex cybersecurity issues to diverse audiences in layman's terms. Must possess and maintain a TS/SCI Security Clearance with Polygraph. Must possess and maintain one of the following credentials: CISSP, CISM, or CCSP. Desired Qualifications Experience with batch scripting/python. Experience with Cloud security planning, design, and operations (Azure, AWS GovCloud, etc.). Experience implementing DoD RMF (DoDI 8510.01). AWS Certified Security Specialty and/or AWS Certified Solutions Architect Professional. Target salary range: $109,242 - $189,108 Disclaimer:
The salary range displayed represents the typical salary range for this position and is not a guarantee of compensation. Final compensation is determined by factors including location, internal equity, business considerations, client contract requirements, and candidate qualifications (education, experience, skills, and certifications). Equal Opportunity
LMI is an Equal Opportunity Employer. LMI provides applicants and employees with equal employment opportunities regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, pregnancy, disability, age, protected veteran status, citizenship status, genetic information, or any other characteristic protected by applicable law. If you are a person with a disability needing assistance with the application process, please contact accommodations@lmi.org. #J-18808-Ljbffr