Arcfield
Information System Security Engineer (ISSE) Level 3/SME with Security
Arcfield, Chantilly, Virginia, United States, 22021
Overview
Arcfield was purpose–built to protect the nation and its allies through innovations in digital transformation, space mission engineering and launch assurance, miniaturized sensors and satellites, advanced modeling and simulation, cybersecurity, and conventional and hypersonic missile support. Headquartered in Chantilly, VA with 16 global offices, Arcfield employs more than 1,500 engineers, analysts, IT specialists, and other professionals with more than 60 years of collective proven experience supporting missions in cyber and space defense, space exploration, hypersonic and nuclear deterrence and warfighter readiness.
Responsibilities
Providing ISSE lifecycle support following NIST SP 800–160v1 and Customer RMF principles
Assessing and mitigating risks, providing recommendations to the Government
Researching and advising on new countermeasures for terrestrial and space systems
Developing and implementing effective security programs
Evaluating risks of integrating new systems into existing environments
Implementing and integrating Cross Domain Solutions
Analyzing IA/IS environments and providing INFOSEC recommendations
Recommending security architectures and network security measures
Identifying and analyzing IA–related vulnerabilities, threats, and risks
Coordinating remediation plans for addressing vulnerabilities
Developing authorization packages for ATO within required timelines
Guiding implementation of corrections for technical vulnerabilities
Providing guidance on security configuration control of hardware and software
Collaborating with program leads and SMEs on acquisition programs and projects
Supporting various meetings and reviews related to cybersecurity and INFOSEC
Following engineering concepts aligned with NIST SP 800–160
Defining ICS security requirements in coordination with stakeholders
Adopting and promoting industry best practices for vulnerability management and resilient operations
Conducting risk assessments and developing mitigation strategies for terrestrial and space systems
Designing and implementing comprehensive security programs and architecture
Overseeing integration of IA architecture into IT, ICS/SCADA systems, and Cross Domain Solutions
Performing E2E development and management of IA systems and components
Identifying, analyzing, and addressing IA–related vulnerabilities, threats, and risks
Creating cybersecurity documentation supporting the RMF process and ATO packages
Applying IA control implementation practices in line with IC and DoD security policies
Collaborating with stakeholders to define and implement security requirements, especially for ICS systems
Participating in IA Engineering Working Groups, forums, and relevant meetings
Integrating security functional requirements into acquisition lifecycle phases using systems engineering principles
Documenting and maintaining Customer–specific ISSE processes and procedures
Applying software engineering methodologies, security engineering principles, and secure coding techniques
Coordinating activities with Authorization and Accreditation stakeholders throughout the system lifecycle
Qualifications
Must possess and be able to maintain a TS/SCI clearance with polygraph
BS 12–15, MS 10–13, PhD 10+; a STEM degree
10 or more years of Information Assurance Systems Architect and Engineer (IASAE) support
Certifications:
CISSP–ISSEP
CISSP–ISSAP
CISM
CISSO
CISSP
CISSP–ISSMP
FITSP–M
GCIA
GCSA
GICSP
GSEC
GSLC
Knowledge of best practices when implementing security controls including:
SW engineering methodologies
Security engineering methodologies
Security engineering principles
Secure coding techniques
Coordinate activities with A&A stakeholders
Knowledge of and experience with:
ICD 503 and the Government's certification and accreditation process
Networks, computer components, protocols, and COTS technology
System methodologies including client/server, web hosting, web content servers, policy servers, directory servers, firewalls, WAN, MAN, LAN, switches, and routers
SW integration of COTS and GOTS products
Virtualization platforms and technologies
Desirable: Education relevant to computer engineering, INFOSEC, information management, and/or computer science
Experience in technical project management
Technical experience in:
Configuring and supporting Windows, Linux, Unix, Mac OS
Configuring and supporting VMware, Xen, Hyper V
SW engineering
Program design and implementation
Configuration management
System maintenance
Integration testing
IS engineering
EEO Statement We are an equal opportunity employer and federal government contractor. We do not discriminate against any employee or applicant for employment as protected by law.
#J-18808-Ljbffr
Responsibilities
Providing ISSE lifecycle support following NIST SP 800–160v1 and Customer RMF principles
Assessing and mitigating risks, providing recommendations to the Government
Researching and advising on new countermeasures for terrestrial and space systems
Developing and implementing effective security programs
Evaluating risks of integrating new systems into existing environments
Implementing and integrating Cross Domain Solutions
Analyzing IA/IS environments and providing INFOSEC recommendations
Recommending security architectures and network security measures
Identifying and analyzing IA–related vulnerabilities, threats, and risks
Coordinating remediation plans for addressing vulnerabilities
Developing authorization packages for ATO within required timelines
Guiding implementation of corrections for technical vulnerabilities
Providing guidance on security configuration control of hardware and software
Collaborating with program leads and SMEs on acquisition programs and projects
Supporting various meetings and reviews related to cybersecurity and INFOSEC
Following engineering concepts aligned with NIST SP 800–160
Defining ICS security requirements in coordination with stakeholders
Adopting and promoting industry best practices for vulnerability management and resilient operations
Conducting risk assessments and developing mitigation strategies for terrestrial and space systems
Designing and implementing comprehensive security programs and architecture
Overseeing integration of IA architecture into IT, ICS/SCADA systems, and Cross Domain Solutions
Performing E2E development and management of IA systems and components
Identifying, analyzing, and addressing IA–related vulnerabilities, threats, and risks
Creating cybersecurity documentation supporting the RMF process and ATO packages
Applying IA control implementation practices in line with IC and DoD security policies
Collaborating with stakeholders to define and implement security requirements, especially for ICS systems
Participating in IA Engineering Working Groups, forums, and relevant meetings
Integrating security functional requirements into acquisition lifecycle phases using systems engineering principles
Documenting and maintaining Customer–specific ISSE processes and procedures
Applying software engineering methodologies, security engineering principles, and secure coding techniques
Coordinating activities with Authorization and Accreditation stakeholders throughout the system lifecycle
Qualifications
Must possess and be able to maintain a TS/SCI clearance with polygraph
BS 12–15, MS 10–13, PhD 10+; a STEM degree
10 or more years of Information Assurance Systems Architect and Engineer (IASAE) support
Certifications:
CISSP–ISSEP
CISSP–ISSAP
CISM
CISSO
CISSP
CISSP–ISSMP
FITSP–M
GCIA
GCSA
GICSP
GSEC
GSLC
Knowledge of best practices when implementing security controls including:
SW engineering methodologies
Security engineering methodologies
Security engineering principles
Secure coding techniques
Coordinate activities with A&A stakeholders
Knowledge of and experience with:
ICD 503 and the Government's certification and accreditation process
Networks, computer components, protocols, and COTS technology
System methodologies including client/server, web hosting, web content servers, policy servers, directory servers, firewalls, WAN, MAN, LAN, switches, and routers
SW integration of COTS and GOTS products
Virtualization platforms and technologies
Desirable: Education relevant to computer engineering, INFOSEC, information management, and/or computer science
Experience in technical project management
Technical experience in:
Configuring and supporting Windows, Linux, Unix, Mac OS
Configuring and supporting VMware, Xen, Hyper V
SW engineering
Program design and implementation
Configuration management
System maintenance
Integration testing
IS engineering
EEO Statement We are an equal opportunity employer and federal government contractor. We do not discriminate against any employee or applicant for employment as protected by law.
#J-18808-Ljbffr