DOD INFORMATION SYSTEMS SECURITY ENGINEER WITH SECURITY CLEARANCE
Chugach Government Solutions
Washington DC 20001 US
The USCG IPT is seeking a DOD Information Systems Security Engineer (ISSE) to support the US Coast Guard IT Services team and provide day-to-day IT and cyber program support to the Coast Guard. The ISSE will serve as a technical leader undertaking complex initiatives requiring specialized technical knowledge of the DOD RMF process. Work Model:Onsite/Office-Based Responsibilities Essential Duties & Job Functions:
Review DoD systems (e.g., weapons systems, stand-alone systems, control systems, or any other type of systems with digital capabilities) and technologies below the system level to ensure they are designed, developed, and implemented with required security features and safeguards.
Requirements Analysis: Identify the security requirements and constraints of the information system, considering factors such as confidentiality, integrity, availability, and regulatory compliance. Employ best practices when implementing security controls, including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques.
System Design: Incorporate security controls and mechanisms into the system design, ensuring that security is an integral part of the architecture.
Implementation and Integration: Implement security controls and integrate them into the information system, ensuring proper configuration and functionality. Coordinate security-related activities with the information security architect, ISSO, ISO, and common control provider.
Validation and Testing: Conduct comprehensive security testing and validation to ensure that the implemented controls meet specified requirements and effectively mitigate risks.
Operation and Maintenance: Continuously monitor, update, and maintain the security posture of the information system throughout its lifecycle, addressing vulnerabilities and adapting to evolving threats.
Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk.
Ensure that security improvement actions are evaluated, validated, and implemented as required.
Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s)
Ensure that protection and detection capabilities are acquired or developed using the IS security engineering approach and are consistent with organization-level cybersecurity architecture.
Identify information technology (IT) security program implications of new technologies or technologies upgrades.
Manage the monitoring of information security data sources to maintain organizational situational awareness.
Monitor and evaluate the effectiveness of the enterprise's cybersecurity safeguards to ensure that they provide the intended level of protection.
Identify security requirements specific to an information technology (IT) system in all phases of the system life cycle.
Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.
Routinely exercises independent judgment and discretion when obtaining and leading confidential advance information of management's position regarding IT cyber contract negotiations and investments; performing studies that may result in changes of organizational structures or staffing levels requiring labor relation matters.
Monitors and audits the schedule, cost, design, analysis, operational performance and/or internal security procedures of national security systems (NSS) and respective classified information, critical infrastructure, mission essential systems (MES), high value assets (HVA) or other USCG information systems. Job Requirements Mandatory:
Bachelor’s degree in computer science, IT, Engineering, or Mathematics is preferred, but experience may be substituted for degree.
Recent experience with DHS, DoD, or other government agency in IT to include IA support with fifteen (15) years’ experience in Information Assurance/Cybersecurity
Demonstrated experience with DIACAP and RMF processes.
Able to obtain and maintain a SECRET Security Clearance
U.S. Citizenship.
Occasional travel may be required. Reasonable Accommodation: In compliance with the ADA Amendments Act (ADAAA), if you have a disability and would like to request an accommodation in order to apply for a position with Chugach Government Solutions or any if its subsidiaries, please email Equal Employment Opportunity: Chugach is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, gender, sexual orientation, gender identity or expression, age, pregnancy, disability, genetic factors, protected veteran status or other characteristics protected by law.
Review DoD systems (e.g., weapons systems, stand-alone systems, control systems, or any other type of systems with digital capabilities) and technologies below the system level to ensure they are designed, developed, and implemented with required security features and safeguards.
Requirements Analysis: Identify the security requirements and constraints of the information system, considering factors such as confidentiality, integrity, availability, and regulatory compliance. Employ best practices when implementing security controls, including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques.
System Design: Incorporate security controls and mechanisms into the system design, ensuring that security is an integral part of the architecture.
Implementation and Integration: Implement security controls and integrate them into the information system, ensuring proper configuration and functionality. Coordinate security-related activities with the information security architect, ISSO, ISO, and common control provider.
Validation and Testing: Conduct comprehensive security testing and validation to ensure that the implemented controls meet specified requirements and effectively mitigate risks.
Operation and Maintenance: Continuously monitor, update, and maintain the security posture of the information system throughout its lifecycle, addressing vulnerabilities and adapting to evolving threats.
Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk.
Ensure that security improvement actions are evaluated, validated, and implemented as required.
Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s)
Ensure that protection and detection capabilities are acquired or developed using the IS security engineering approach and are consistent with organization-level cybersecurity architecture.
Identify information technology (IT) security program implications of new technologies or technologies upgrades.
Manage the monitoring of information security data sources to maintain organizational situational awareness.
Monitor and evaluate the effectiveness of the enterprise's cybersecurity safeguards to ensure that they provide the intended level of protection.
Identify security requirements specific to an information technology (IT) system in all phases of the system life cycle.
Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.
Routinely exercises independent judgment and discretion when obtaining and leading confidential advance information of management's position regarding IT cyber contract negotiations and investments; performing studies that may result in changes of organizational structures or staffing levels requiring labor relation matters.
Monitors and audits the schedule, cost, design, analysis, operational performance and/or internal security procedures of national security systems (NSS) and respective classified information, critical infrastructure, mission essential systems (MES), high value assets (HVA) or other USCG information systems. Job Requirements Mandatory:
Bachelor’s degree in computer science, IT, Engineering, or Mathematics is preferred, but experience may be substituted for degree.
Recent experience with DHS, DoD, or other government agency in IT to include IA support with fifteen (15) years’ experience in Information Assurance/Cybersecurity
Demonstrated experience with DIACAP and RMF processes.
Able to obtain and maintain a SECRET Security Clearance
U.S. Citizenship.
Occasional travel may be required. Reasonable Accommodation: In compliance with the ADA Amendments Act (ADAAA), if you have a disability and would like to request an accommodation in order to apply for a position with Chugach Government Solutions or any if its subsidiaries, please email Equal Employment Opportunity: Chugach is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, gender, sexual orientation, gender identity or expression, age, pregnancy, disability, genetic factors, protected veteran status or other characteristics protected by law.