The Lead Information Security Engineer will provide Certification and Accreditation (C&A) support for the Distributed Common Ground System -“ Army (DCGS-A) Fixed systems at Army Theater MI Brigade locations. This support includes interim software sustainment and configuration management for the DCGS-A Fixed Storage (DFS) v1.0 on multiple classified networks.
This position is in support of the DCGS-A program located at Aberdeen Proving Ground, Maryland (APG). The Information Security Engineer will support the evaluation, integration and establishment of new security features and policies for the Storage systems as part of the DCGS-A POR as well as Assessment and Authorization (A&A)/Certification and Accreditation (C&A) support. The prospective candidate will provide security engineering design, implementation and test support in all aspects of Information Assurance and Information Security (InfoSec) Engineering throughout the Systems Development Life Cycle (SDLC) in accordance with DODI 8510.01 "Risk Management Framework (RMF) for DoD Information Technology (IT) and Intelligence Community Directive (ICD) 503, "Intelligence Community Information Technology Systems Security Risk Management".
They will design, test, and implement state-of-the-art secure operating systems, networks, and database products. Conducts risk assessment and provides recommendations for application design.
The Information Security Engineer is involved in evaluating and implementing security policies and controls encompassing various architectures, firewalls, electronic data traffic, and network access. Support will also include preparation of security reports to regulatory agencies such as Department of Defense (DOD) or members of the Intelligence Community (IC).
Determine/analyze and decomposes security requirements to the level of detail that can be implemented and tested
Assess configuration of systems IAW the appropriate Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGS) and Security Requirements Guides (SRGs).
Verify and validate system security requirements have been implemented according appropriate DOD, IC and Army regulations for the systems operational environment
Perform system certification and accreditation planning and testing and liaison activities; support secure systems operations and maintenance
Perform security engineering analysis, risk and vulnerability assessment to assess and mitigate system security threats/risks throughout the program life cycle
Monitor and analyze security functional tests
Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement
Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects
Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services
Current active Top Secret/SCI - With the ability to obtain a CI Poly
CISSP, CCNA, Security+, Network+
A&A/C&A documentation (SSP, SCTM, SAR, SSAA, SECCONOPS, ST&E plans and reports
DCID 6/3, ICD-503 Risk Management Framework (RMF) Process, DIACAP CNSS 1253, NIST 800-53, FIPS 199, NIST SP 800-37, NIST SP 800-137, DoD 8500 series.
Implementation experience of NIST SP 800-53 control set and NIST SP 800-53A control validation procedures.
Knowledge of NIST SP 800-37
Linux and Windows Administration and Engineering Experience.
Implementation experience with Host Based Security System (HBSS) policy and guidance.
Knowledge of information security engineering and design concepts and principles.
Microsoft Active Directory Integration and setup
Vulnerability analysis experience using Retina
Security Technical Implementation Guides (STIGs) implementation and compliance
Information Assurance Vulnerability Management (IAVM) process support
Experience with Virtual platforms & Networking
EDUCATION & EXPERIENCE:
Typically requires a bachelor's degree or equivalent and 12 years related experience. Master's degree or doctorate in field mathematics, telecommunications, electrical engineering, computer engineering, computer science is preferred.
Normal demands associated with an office environment. Ability to work on computer for long periods, and communicate with individuals by telephone, email and face to face. Some travel may be required.
US-Aberdeen Proving Ground-MD-BALTIMORE