Information System Security Engineer (ISSE)

Dark Wolf Solutions is seeking an Information Systems Security Engineer (ISSE). The ISSE will work as part of a team reviewing and assessing Risk Management Framework (RMF) authorization body of evidence for classified information systems, to include: System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Continuous Monitoring Plan, Incident Response Plan, Access Control Plan, Security Assessment Plan, etc. Review new and existing systems for technical compliance with IA directives and protection of data at all classification levels including SCI. Advise on in-depth security design review and threat/risk assessments. Provide inputs to technical artifacts, including Plans of Action and Milestones (POA&Ms), Security Control Traceability Matrices (SCTM), and Risk Assessment Reports (RARs). Conduct site visits and assessments to inspect IA plans and security control implementations and support Incident Response Team (IRT) activities.

• Conduct technical evaluation of information systems design, and information security aspects and accreditation.
• Perform vulnerability assessments using Nessus Security Scanner, Web Inspect and App Detective.
• Review requests for software installation and conduct technical risk assessments on software implementation.
• Coordinate and track security action requests and report status to senior managers.
• Assist customer staff in resolving operational security issues involving vendors who support the program.
• Analyze, modify when necessary and maintain the Program’s operational security posture.
• Conduct and analyze auditing requirements weekly.

• 5+ years of experience in IT security and/or information assurance
• Working knowledge of Intelligence Community Information Assurance policies and regulations and how they relate to the certification and accreditation process
• Experience authoring and maintaining systems security documentation
• Experience in generating appropriate security documentation to receive proper accreditation from customer security personnel, and correcting security shortfalls as they are identified through customer sponsored reviews
• Knowledge of threat Understanding of cyber environment and threats of our cyber adversaries
• Familiar with how to architect and implement the systems developments form a security perspective
• Possesses strong technical skills and analytic ability
• Posseses at least one of the following: cyber security certifications: Security+ CE, SSCP, CAP, CISM, CASP, CISSP, GSEC, GICSP, GSLC, CEH, CDNA, CSSLP
• Bachelor’s Degree
  
• US Citizenship and active TS/SCI clearance