Job Summary: ITS, LLC. is seeking a successful candidate for an Information Systems Security Engineer (ISSE) to join our team supporting the Command, Control, Communications, and Battle Management (C3BM) Program Executive Office (PEO) in Dayton, OH; Joint Base Anacostia-Bolling (JBAB), Washington, D.C.; Hanscom AFB, MA. As an Information Systems Security Engineer (ISSE) you will serve as the Digital Infrastructure (DI) Division’s information security professional responsible for managing all aspects of an organization's information security system, including researching, testing, training, and implementing programs designed to safeguard sensitive information from possible compromise. The ISSE works with System Engineering teams to incorporate cyber resiliency objectives, techniques, and design principles into all system engineering and development efforts throughout the systems development life cycle (SDLC).

Key Responsibilities: Duties and responsibilities include, but are not limited to:
Develop and maintain documentation and diagrams for security tools, system environments, and operations
Work within a DevOps security model so that security is automated and elastic across all platforms
Identify security-sensitive functionality in apps and services lacking security coverage and build out automation to bring security awareness into the affected areas
Identify novel attacks and security weaknesses within the system; automate their discovery using innovative techniques, methods, and tools.
Perform requirements analysis, design, and integration for complex software applications and collaboration infrastructures
Participate in the change management process, including reviewing Change Requests and assisting in the assessment of security impact of proposed changes
Write implementation and design documents describing how security features are implemented
Create and maintain information system security documentation, Standard Operating Procedures (SOP), and provide guidance on active Plans of Action and Milestones (POA&M)
Conduct periodic and continuous monitoring of the system, procedures, and documentation to ensure compliance with the authorization package

Preferred Qualifications:
Must have experience working with Special Access Programs (SAPs)
Strong proficiency in architecture, fault tolerance, and Reliability, Maintainability, Availability (RMA) subject matter.
Understanding of the requirements and standards for Cloud security
Must possess excellent analytical skills and be capable of quantifying risk to enterprise systems and level of compliance with security policy
7+ years' technical experience in cybersecurity, information technology, or systems engineering
Excellent communication skills (verbal and written) required
Software development knowledge in Java, Python, Ruby and/or C++
Linux expertise (RedHat/RHEL or CentOS preferred).
Dynamic & Static Application Security Scanning (e.g., Arachni, OWASP ZAP, BurpSuite, Fortify, Checkmarx, etc.)
Virtualization and containers (EC2, Docker) knowledge.
Infrastructure Security Scanning, Vulnerability Scanning (Twistlock, ACAS/Nessus) knowledge.

Education/Experience:
Bachelor’s degree in engineering, computer science, cybersecurity, networking, or programming (Master’s degree DESIRED)
Certified Information Systems Security Professional (CISSP).
CompTIA Advanced Security Practitioner (CASP+)
Certified Cloud Security Professional (CCSP).
Information Systems Security Engineering Professional (ISSEP)
DOD Information Technology Security Certification and Accreditation Process (DITSCAP)
DOD Information Assurance Certification and Accreditation Process (DIACAP)

Clearance Requirement: Active TS/SCI; subject to a CI polygraph

Salary Note: In compliance with the Equal Pay for Equal Work Act, the salary range for this role is based on education, experience, and responsibilities. ITS, LLC. is an equal-opportunity employer to include veterans and individuals with disabilities. U.S. Citizenship is required.