Active Secret Clearance Required
Sr. Security Engineer - IA/Security/Cybersecurity
Duties and Responsibilities:
Expert consultant in all aspects of cybersecurity/information assurance (IA)
including cybersecurity solutions development, certification process and
security/software sustainment activities for the Integrated Personnel and Pay
System - Army (IPPS-A) . Manages major information security efforts of
national significance. Work independently or in a team in support of a
customer on site. Clear technical understanding of the risks,
vulnerabilities, and technical methods for mitigations. Develops new and
complex systems security solutions, including hardware and software.
Specific Duties and Responsibilities:
Provides expertise for the development of new systems.
Provides expert level security analysis and consultation services for product,
system and network architecture designs.
Publishes reports and keeps metrics for client systems.
Conducts system assessments to ensure specified system controls are effective.
Analyzes and reviews security findings and data. Identifies trends and root
causes of system failures or vulnerabilities.
Ensures that Information Systems Security policies, procedures, and practices
are compliant with prescribed directives.
Serve as alternate ISSO
BA/BS 10-12 years of relevant experience
Recent work experience in Information Assurance/Cybersecurity
Designing and/or performing activities for Assessment and Authorization (A&A)
Experience in Cybersecurity system sustainment activities
Experience in supporting the design and development activities of enterprise
Active final Secret clearance.
Work experience should include:
Security/Software Development Lifecycle (SDLC)
Experience in PMO cybersecurity support
Knowledge of CNSS1253, FIPS 199, FIPS 200, NIST SP 800-53
Knowledge of or experience in assessments of security posture using automated
tools such as: Nessus, SCAP, ACAS, AppScan, AppDetective, and Fortify
It is highly desirable that candidate have:
Experience working with Oracle ERP
Experience in PMO support
Experience with PeopleSoft
Experience with eMASS
Experience with DISA STIG/SRG implementation
Working on a program executing the Security/Software Development Lifecycle
Knowledge of Cross Domain Solutions
Knowledge and experience working with DoD's Risk Management Framework
Possess the following certifications: CSSLP, CISA, CEH, or CAP
Cybersecurity support for a system in development
Army and DoD Cybersecurity regulations