-
ID
#13527156 -
Job type
Permanent -
Salary
TBD -
Source
MAXAR Technologies -
Date
2021-05-17 -
Deadline
2021-07-16
Information Systems Security Engineer (ISSE)
Virginia, Herndon, 20170 Herndon USAPermanent
Vacancy expired!
Please review the job details below.
Job Description:Maxar is seeking an Information Systems Security Engineer to leverage modern virtualization software, cloud infrastructure, machine learning, and highly paralleled compute architecture in a unique project with broad applications. Supporting real-time operations on a global scale in a variety of application spaces including intelligence and law enforcement, the project offers a variety of challenges and interesting problems to solve. If you are an Information System Security Engineer seeking meaningful work that has a real impact, contact us right away to learn more.Responsibilities:- Design and implement strategies to secure Maxar and client systems (on-prem, cloud) against all threats.
- Install, configure, develop, and maintain security systems across all levels of the environment, including OS, application, and network.
- Monitor the integrity of the software development lifecycle and information systems.
- Test, audit, and verify compliance with appropriate cybersecurity standards.
- Continuous upkeep, monitoring, analysis, and response to Information system, network and security events.
- Perform all auditing and associated reporting duties as specified by Continuous Monitoring directive, organizationally defined requirements and regulatory mandates.
- Provide annual assessment support.
- Documents compliance actions within the approved automated compliance tracking system or develops a Plan of Actions and Milestones (POA&M) to address non-compliance in the allotted timeframe.
- Develop procedures and documentation to ensure compliance with configuration management (CM) for security-relevant IS software, hardware, and firmware.
- the author required information system security-related documentation as required by cognizant security authority and IAW RMF, NIST, SAP/SAR, ICD, and published standards.
- Ensures systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the System Security Plan (SSP), Standard Operating Procedures (SOP), and customer directives.
- Ensures records are maintained for workstations, servers, software, virtual routers, virtual firewalls, virtual network switches, crypto, and other relevant hardware/equipment throughout the information system's life cycle.
- Evaluates proposed changes or additions to the information system and advises senior site leadership of the security relevance.
- Participates in internal/external security audits/inspections; performs risk assessments and Continuous Monitoring.
- Lead investigations/remediation of computer security violations and incidents, reporting as necessary per Incident Response plan
- Ensure proper protection and/or corrective measures have been taken when an incident or vulnerability has been discovered.
- Oversee the completion of entry/exit forms for equipment and media entering secured areas.
- Lead the authorization process for new hardware and software request
- Author, review and update operation instructions (OIs) and assessment and authorization documentation (Body of Evidence) to support re-authorization activities.
- and be willing and able to obtain a Public Trust
- BS degree plus 5-7 years of prior relevant experience, Masters with 3 years of prior relevant experience, or equivalent work experience.
- Linux skills
- Detailed understanding of the Risk Management Framework (RMF), NIST, ICD, and CNSS standards.
- Must be able to work in a constantly changing regulatory environment with short, mid, and long-term timelines for remediating any non-compliant
- Must be able to work well within a team environment and able to adapt quickly to change
- Familiarity with information system requirements and best practices within a classified environment
- Good writing and verbal presentation skills
- TS/.SCI w/CI Poly (given Northern Virginia)
- Experience in Python programming
- Familiarity with JSON
- Expertise in other languages welcome (Bash, Ansible, etc.)
- Experience with AWS (designing, securing and provisioning systems within the AWS cloud (CloudFormation, IAM, CloudWatch, CloudTrail, S3)) CEH or CHFI a plus
- Background or understanding of System Security Plans (SSP)
- Security hardening scripting/automation experience
- Linux certification (RHCSA and or RHCA desired)
- Current DHS Suitability or EOD
- Experience with Xacta 360
- Previous ISSO/ISSM or experience with Assessment and Authorization requirements (POA&Ms, controls, etc.)
- Google Fu - Black Belt
Vacancy expired!
Report job