Information System Security Engineer in Maryland

• Lead Accreditation and Authorization (A&A) reviews by Group level ISSMs and Security Controls Assessors (SCA).
• Documents the various security control implementations as well as gather the artifacts that support the Risk Management Framework (RMF) and ICD 503 Security Accreditation for the various Assessment and Authorization (A&A) efforts.
• Document and obtain a general understanding of the architecture being developed or that was developed for each project in order to write the Systems Security Plans (SSP) / CONOPS.
• Gather the information by working with various systems owners, project managers, and engineering team members in order to write various additional A&A related documents such as Contingency Plan (CP), General User Guide (GUG), Privileged User Guide (PUG), Standard Operating Procedures (SOP' s), etc.
• Document the Plans of Actions and Milestones (POA&Ms) implementation responses or mitigations, as well as...

Northstrat is seeking an experienced and driven Information Systems Security Engineer (ISSE).  The candidate will perform system or network designs that encompass multiple enclaves, to include those with differing data protection/classification requirements. The candidate should understand distributed architectures and cloud-based systems for big data applications. Must be local to Columbia, MD, San Antonio, TX, or Augusta, GA. 

Essential Job Responsibilities: 

• Will create, review, and edit authorization documentation for completeness and accuracy in accordance with federal and DoD policy.  
• Thoroughly understand and be able to implement DoD RMF system accreditation processes. 
• Assess use case and operational risk of integrated open source, and GOTS/COTS software components.  
• Will use vulnerability management systems, automated security scanning tools, and system accreditation record...

• Perform or review technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies
• Provide security planning, assessment, risk analysis, and risk management
• Perform system or network designs that encompass multiple devices, to include those with differing data protection/permission requirements
• Recommend system-level solutions to resolve security requirements
• Support the client in the enforcement of the design and implementation of trusted relationships among external systems and architectures

Requirements

TS/SCI with poly required

• Fourteen (14) years experience as an ISSE on projects of similar scope, type, and complexity is required
• Bachelor’s degree in Computer Science, Information Assurance, Information Security System...