Information Systems Security Engineer (ISSE)

US-VA-Amherst
1 week ago(1/11/2018 2:20 PM)
Requisition ID
2018-1706
Category (Portal Searching)
Operations

Overview

Black Box Network Services, Government Solutions is a communications systems integrator that implements telecommunications and data solutions for Federal, State and Local customers worldwide. The primary focus of Black Box is the delivery of complex Unified Communications, Data Networks, infrastructure and facilities solutions to customers across multiple industry sectors. Come join a team that sets the standard for superior performance and quality as recognized by our customers around the globe.

Job Description:


Black Box is seeking an experienced Information Systems Security Engineer (ISSE) to work in our Amherst, Virginia location. The Information Systems Security Engineer will be responsible for supporting Black Box in the development of customer documentation and completion of deployment tasks and functions associated with the DoD Information Assurance Certification and Accreditation Process (DIACAP) and Risk Management Framework (RMF).  The ISSE will be the resident Subject Matter Expert (SME) on Cybersecurity related topics and will support other Black Box Government Solutions personnel during the execution of similar Information Assurance tasks as required.

Responsibilities

Specific Duties:

  • Ensuring regulatory compliance of customer systems and applications by hardening of Operating Systems, applications, and network infrastructure using tools such as Department of Defense Security Requirement Guides (SRGs) and Security Technical Implementation Guides (STIGs).
  • Validating compliance by conducting vulnerability scans for operating systems and network infrastructure using eEye Retina and Assured Compliance Assessment Solution (ACAS). Provide remediation support to field personnel in the event that vulnerabilities are identified.
  • Supporting development and maintenance of a system-specific Plan of Action and Milestone (POA&M).
  • Defining, creating and maintaining security documentation for certification and accreditation (C&A) of customer information systems in accordance with government requirements. Complete necessary accreditation paperwork such as Application Security and Development Checklists.
  • Reviewing system security documentation in order to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes and document security relevant changes. Perform software scans on networks and computers for vulnerabilities.
  • Working with self-signed certificates and Department of Defense (DoD) public key infrastructure (PKI).
  • Performing research and assessing the impacts on system modifications, technological advances, and malicious code.
  • Performing software updates, copying logs, and performing password resets.
  • Enforcing password complexity, password lifetime, auditing mechanisms, and session controls on multiple operating systems and platforms.
  • Working closely with government Information Assurance representatives to support activities required to obtain Interim Authorization to Operate (IATO), Authorization to Operate (ATO) certifications as required during the course of deployment activities.
  • Expanding the Black Box Cybersecurity training program in order to further develop personnel capable of hardening Operating Systems, applications, and network infrastructure using tools such as Security Technical Implementation Guides (STIGs) as well as conducting vulnerability scans for operating systems and network infrastructure using eEye Retina and ACAS.

Qualifications

Required Qualifications:

  • Associates degree in Information Technology, Engineering or Computer Science discipline. 5 years or greater direct relevant technical experience may be substituted for education.
  • Must be DoD 8570.01-M certified at the IAT II level at time of hire. IAT Level II certifications include:
    • GSEC
    • Security+ ce
    • CCNA Security
    • SSCP
  • Position requires an active DoD SECRET security clearance.
  • Must be able to obtain a valid passport.
  • A valid driver’s license is required.
  • Knowledge of and experience with the Risk Management Framework (RMF) the DoD Information Assurance Program, National Institute of Standards and Technology (NIST) standards, Federal Information Processing Standards (FIPS) standards, Common Criteria Evaluation Scheme (CCEVS) program, Federal Information System Control Audit Manual (FISCAM), as well as relevant Defense Information Systems Agency (DISA), Department of Defense (DoD) and Army, Navy and Air Force policy, procedures and guidance related to information assurance.
  • Must have strong technical skills in a variety of the following areas: networking, system engineering, Cisco, Windows OS platforms, Red hat, database design/admin.
  • Experience conducting risk assessments of planned and operational information systems to identify vulnerabilities, risks and Cybersecurity controls needed.
  • Experience with technical architectures and tools for computer network defense. Must be able to understand networking to apply IA concepts and make informed decisions about the effect on network security that a given change to a network might have.
  • Ability to develop, review and update security artifacts, evidence, findings, Plans of Action and Milestones, Contingency Plans, Disaster Recovery Plans, and all other required compliance documentation in an oversight (auditing) role.
  • Familiarity with Enterprise Mission Assurance Support Service (eMass).
  • Expertise in vulnerability management, mitigation and reporting methods and tools.
  • Experience with McAfee EPO, specifically HBSS/HIPS management.
  • Experience with Nessus Scanner (ACAS) and Security Content Automation Protocol (SCAP).
  • Experience with DISA Security Technical Implementation Guides (STIGs).
  • Strong knowledge of Windows Server 20xx and Virtual Environment software (VMWare, VSphere, etc)
  • Experience with SQL/Oracle database
  • Working knowledge of Microsoft Office, Visio and other tools.
  • Ability to work on a team to provide Cybersecurity support to customer in a military environment.
  • Candidates must be highly analytical and effectively able to troubleshoot and prioritize needs, requirements and other issues. Aside from technical skills, prospective candidates should have excellent communications, teamwork, leadership and conflict management skills. Must be committed to continuous learning and system development.
  • Ability to successfully handle multiple priorities simultaneously.
  • Ability to work extremely flexible hours.
  • Willingness and ability to travel intermittently in support of customer requirements.
  • The Information Assurance/Security Analyst is expected to perform his/her duties with minimum supervision, and participate in cross-functional projects as scheduled.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed