Information System Security Engineer (ISSE)

Location: Chantilly
Clearance Requirement: TS/SCI with FSP

The successful candidate will support overall network defense activities, provide in-depth analysis of suspected malicious code and/or infected systems and network devices, perform necessary inspection and reverse-engineering activities to understand the behavior of software, determine the root cause for the presence of threats, and develop recommendations to counter threats.

Duties, Tasks & Responsibilities

  • Conducting proof of concept testing
  • Designing, testing, and integrating new security products as directed
  • Beta testing new capabilities when directed, and conducting software testing as required (patches and other updates)
  • Maintaining a robust library of documentation, to include network diagrams for cyber defense capabilities and sensors, and making documentation available to all personnel with appropriate need-to-know
  • Providing engineering support for all primary systems, such as network-based intrusion detection and prevention systems
  • Maintaining, updating, and conducting routine vulnerability scanning across all Customer networks
  • Overseeing patching, hardening, and base-lining activities across all Customer networks, and ensuring all stakeholders are in compliance with patching/hardening requirements
  • Maintaining, updating, configuring, and ensuring the successful deployment of logging/auditing tools across Customer networks
  • Maintaining system baselines and configuration management items, including security event monitoring policies
  • Working with all stakeholders to ensure complete and functioning systems that meet all requirements
  • Ensuring all network defense capabilities are kept current, patched, and securely configured, and that management is informed of their status
  • Analyzing data flows into, out of, and across Customer networks to identify and rectify any security gaps
  • Performing limited penetration testing into targeted networks as directed

Required Experience, Skills, & Technologies

  • Significant, hands-on experience with Splunk and other security/monitoring tools such as SolarWinds, WhatsUp Gold, or similar
  • Experience working across a large team to drive a security agenda
  • Experience working with complex, intertwined systems and data flows
  • Significant, demonstrated experience meeting security requirements in the Customer’s environment or similar environments (prior ISSE experience)
  • Experience inventorying complex networks, and with all facets of network documentation (security compliance, configuration management, patching, centralized authentication, removable media, etc.)
  • Hands-on experience with a wide range of diverse technologies/disciplines, especially with a security focus (networking, UNIX/Linux, Windows, Storage, Virtualization, etc.)
  • Expert-level abilities in the following areas:
    • Maintaining, configuring, and monitoring network security applications, network devices, encryption technologies, operating systems, and storage appliances
    • Securing information technology infrastructures
    • Monitoring network defense technologies and analyzing the outputs
    • Identifying and/or innovating solutions or measures to protect networks within budgetary and/or infrastructure constraints
    • Creating, maintaining, and communicating complex information technology documentation, particularly network and security documentation
    • Executing penetration tests, formal assessments, and other formal information security and compliance inspections
  • Self-starter with excellent people skills – able to work across teams, organize meetings/boards, and drive change throughout an organization

Desired Experience, Skills & Technologies

  • CCNA strongly desired
  • CISSP strongly desired
  • Experience with the Xacta 360 cyber risk and compliance automation tool
  • Experience navigating the Sponsor’s accreditation process and ICD 503 requirements