Information Systems Security Engineer (ISSE)

Please review the job details below.

• We build advanced algorithms to gain analytic insights from a large range of open source and government data.
• We enable machine learning systems, automate workflow, and design and develop custom applications for unique national-security mission.
• We operate an end-to-end predictive analytics platform unlike any other within the U.S. Government.
• We provide training to expand your skills and challenges to develop them.
• Our clients' missions are vital to national security, so we are mission-first always.
• Our work environment is relaxed and business casual.
• At our core, we believe in our practice of social responsibility.

• Contribute to team success by building out and maintaining a large-scale customer hosted OpenStack platform, enabling massive analytics for platform users.
• Analyze existing and future systems, review security architectures, and develop engineering solutions that integrate information security requirements to proactively manage information protection.
• Engineer and deploy network defense countermeasures such as anti-virus, anti-spam, and intrusion detection and prevention system solutions.
• Analyze Information Assurance (IA) security events, including threat model development and resulting security risk analysis of systems.
• Review and assess information security events and logs via sophisticated security information and event manager.

• Must be a U.S. Citizen with a current/active TS/SCI and be willing and able to obtain a CI polygraph
• Bachelor's degree in Engineering, Computer Science, or related field. 4 additional years of experience may be substituted in lieu of a degree
• Minimum of 8 years of relevant experience
• Demonstrated expertise in IC policy and able to interact at senior levels to ensure requirements are met while preserving the most feasible security posture
• Must be able to manage security configs and communicate with others on the platform who are impacted by security decisions/direction
• Must be a highly motivated, self-driven team player who can interact well with others and advise/consult with other team members and customers on system security-related issues
• CompTIA Security+ certification or CISSP certification

• Specific IA/Security related experience that includes working with data-at-rest encryption; certificate validation; IDS/IPS; Firewalls; SEIMs and Log Management; Syslog analysis; HTTP and TCP/IP analysis; and vulnerability assessment to include cross-site scripting, SQL injection, cross-site request forgery, HTTP response splintering, and the OWASP Top 10 and SANS Top 25
• Experience with management, certifying, and accrediting at least two production systems or applications within the U.S. government
• Experience using the fundamentals of network routing and switching and achieving compliance for production software systems on U.S. Government networks, such as SIPRnet and JWICS
• Experience with web application penetration testing identifying architectural design weaknesses from analyzing a web application
• Experience implementing PKI components in a network, application, and architecture, and authentication capabilities of Windows, UNIX, Linux, Apple, and middleware
• Experience with database technologies, architectural reviews, and PCI-Data Security Standard
• Experience producing accurate Configuration records through the life-cycle of the asset