Information Systems Security Engineer (ISSE)

Please review the job details below.

• Design and implement strategies to secure Maxar and client systems (on-prem, cloud) against all threats.
• Install, configure, develop, and maintain security systems across all levels of the environment, including OS, application, and network.
• Monitor the integrity of the software development lifecycle and information systems.
• Test, audit, and verify compliance with appropriate cybersecurity standards.
• Continuous upkeep, monitoring, analysis, and response to Information system, network and security events.
• Perform all auditing and associated reporting duties as specified by Continuous Monitoring directive, organizationally defined requirements and regulatory mandates.
• Provide annual assessment support.
• Documents compliance actions within the approved automated compliance tracking system or develops a Plan of Actions and Milestones (POA&M) to address non-compliance in the allotted timeframe.
• Develop procedures and documentation to ensure compliance with configuration management (CM) for security-relevant IS software, hardware, and firmware.
• the author required information system security-related documentation as required by cognizant security authority and IAW RMF, NIST, SAP/SAR, ICD, and published standards.
• Ensures systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the System Security Plan (SSP), Standard Operating Procedures (SOP), and customer directives.
• Ensures records are maintained for workstations, servers, software, virtual routers, virtual firewalls, virtual network switches, crypto, and other relevant hardware/equipment throughout the information system's life cycle.
• Evaluates proposed changes or additions to the information system and advises senior site leadership of the security relevance.
• Participates in internal/external security audits/inspections; performs risk assessments and Continuous Monitoring.
• Lead investigations/remediation of computer security violations and incidents, reporting as necessary per Incident Response plan
• Ensure proper protection and/or corrective measures have been taken when an incident or vulnerability has been discovered.
• Oversee the completion of entry/exit forms for equipment and media entering secured areas.
• Lead the authorization process for new hardware and software request
• Author, review and update operation instructions (OIs) and assessment and authorization documentation (Body of Evidence) to support re-authorization activities.

• and be willing and able to obtain a Public Trust
• BS degree plus 5-7 years of prior relevant experience, Masters with 3 years of prior relevant experience, or equivalent work experience.
• Linux skills
• Detailed understanding of the Risk Management Framework (RMF), NIST, ICD, and CNSS standards.
• Must be able to work in a constantly changing regulatory environment with short, mid, and long-term timelines for remediating any non-compliant
• Must be able to work well within a team environment and able to adapt quickly to change
• Familiarity with information system requirements and best practices within a classified environment
• Good writing and verbal presentation skills

• TS/.SCI w/CI Poly (given Northern Virginia)
• Experience in Python programming
• Familiarity with JSON
• Expertise in other languages welcome (Bash, Ansible, etc.)
• Experience with AWS (designing, securing and provisioning systems within the AWS cloud (CloudFormation, IAM, CloudWatch, CloudTrail, S3)) CEH or CHFI a plus
• Background or understanding of System Security Plans (SSP)
• Security hardening scripting/automation experience
• Linux certification (RHCSA and or RHCA desired)
• Current DHS Suitability or EOD
• Experience with Xacta 360
• Previous ISSO/ISSM or experience with Assessment and Authorization requirements (POA&Ms, controls, etc.)
• Google Fu - Black Belt