- Professional
- Optionales Büro in Philadelphia
Job Title: Information Systems Security Engineer (ISSE)
Location: Philadelphia, PA
Clearance Requirement: Secret
Employment Type: Full-Time
Job Summary:
We are seeking a highly skilled Information Systems Security Engineer (ISSE) to support cybersecurity initiatives by ensuring that system security requirements are properly defined, implemented, and maintained throughout the system development lifecycle. The ideal candidate will possess strong technical acumen in security engineering practices and extensive experience in integrating cybersecurity solutions into complex environments.
Key Responsibilities:
- Analyze, capture, and refine information security requirements to ensure secure system design and operations.
- Collaborate with system architects, engineers, and developers to integrate security into system designs and implementations.
- Develop and enforce security policies, standards, and procedures to ensure compliance with federal, DoD, and agency-specific regulations.
- Implement and manage security controls, configuration changes, software/hardware updates, patches, and secure configurations.
- Perform continuous monitoring and vulnerability scanning to assess security posture and mitigate risks.
- Conduct security assessments to support system accreditation (e.g., RMF processes), including documentation of System Security Plans (SSPs), Security Assessment Reports (SARs), and Plan of Action and Milestones (POA&Ms).
- Ensure that security considerations are integrated throughout the lifecycle of systems, including design, development, testing, deployment, and decommissioning.
- Provide technical guidance on best practices in information assurance and cybersecurity.
Required Qualifications:
Education:
- Bachelor's degree in Computer Science, Information Technology, or a related STEM field from an accredited college or university.
Experience:
- Minimum of seven (7) years of professional experience in:
- Capturing and refining operational and information security requirements.
- Implementing security controls, updates, patches, and secure configurations.
- Performing vulnerability assessments and remediation activities.
- Supporting the development, integration, and maintenance of secure IT systems.
Certification:
- Must possess a baseline Information Assurance certification as defined in DoD 8570.01-M / CSWF Table (e.g., Security+ CE, CISSP, CASP+, etc.).
Preferred Qualifications:
- Experience with DoD Risk Management Framework (RMF) and associated assessment and authorization (A&A) processes.
- Familiarity with tools such as ACAS, HBSS, Nessus, SCAP, STIGs, and SPLUNK.
- Experience with cloud security in AWS or Azure environments.
- Knowledge of NIST 800-53, CNSSI 1253, and other federal cybersecurity standards.
