ISSE Jobs

Job Description

Company: Zeta Associates Inc

Information System Security Engineer

Fairfax, VA or Greenwood Village, CO

Active TS/SCI w/CI Poly Clearance is Required

Job Description: Seeking an Information System Security Engineer (ISSE). The role of the ISSE is to bridge the gap

between high level security policies/requirements and technical/operational implementation of those

requirements. Candidates should have in-depth understanding of the cybersecurity policies and procedures for

Government (DoD, Intelligence Community) sectors information systems and sufficient technical knowledge and

experience to implement them. The ISSE will work closely and effectively with the Information System Security

Manager (ISSM) ISSM, and the Program Manger on all aspects of their development and implementation

programs. Candidates should have in-depth understanding of the cybersecurity policies and procedures for

Government sector information systems and sufficient technical knowledge and experience to implement them.

The ISSE will provide guidance, standards, and oversight to the program/development teams as they work

towards accreditation and then to maintain the accreditation. The candidate will contribute to the team’s

successful Assessment and Authorization (A&A) process activities (ICD-503 RMF) and related documentation

such as security concept of operations, systems security plans, security control assessments, contingency plans,

configuration management plans, incident response plans, plan of actions and milestones, risk management

plans, vulnerability and compliance scanning, and/or vulnerability management plans.

The ISSE will be an experienced System Administrator and Cyber Security Expert. The candidate will be

supporting a larger team of developers, engineers, and analysts all charged with expanding, operating, and

maintaining information systems built upon hundreds of Linux instances on virtual and bare metal hardware.

Team responsibilities include Linux system build automation, network architecture and implementation, all

facets of cyber security compliance, deployment and management of core subsystems and services. The ISSE will

assume responsibility for ICD-503 RMF process for these multiple information systems including patching, scans,

reports, documentation, coordinating plans of actions and milestones, audit log reviews and other related

duties.

The ISSE will help determine and recommend appropriate solutions and implementations to help meet program

needs. Candidate must possess the ability to communicate effectively and be flexible, adaptable, and willing to

take ownership of projects.

Candidate will have several technical areas of primary responsibility depending on experience and will be

expected to cross train and support other areas as needed. Superior attention to detail is required. Must exhibit

positive attitude and good customer service skills in sometimes stressful situations, such as during outage

troubleshooting and resolution.

Required Skills:

 Active TS/SCI + CI Poly

1

,  Information Assurance (IA) and Information Security (InfoSec) experience working with Intelligence

Community (IC) customers, which includes developing and reviewing security concept of operations,

systems security plans, security control assessments, contingency plans, configuration management

plans, incident response plans, plan of actions and milestones, risk management plans, vulnerability and

compliance scanning, and/or vulnerability management plans. Must have significant expertise in ICD-

503 A&A process and documentation preparation.

 Security engineering experience; which includes systems engineering principles, configuration

management, supply chain, requirements analysis, system development (software and hardware);

network security architecture concepts (topology, protocols, components); and/or IT security principles

and methods (firewalls, demilitarized zones, encryption).

 Required experience with ICD-503 security frameworks to include A&A process and documentation

preparation. Also desired is experience in NIST SP 800-37, CNSS publications, and other Risk

Management Framework (RMF) processes.

 Experience providing continuous monitoring support for information systems to include expertise in

USG security compliance processes, scan tools and systems (NESSUS, NMAP, Trivy, ICD-503 RMF, SNOW)

 Advanced problem solving skills: able to use prior experience and knowledge to address new situations;

especially during interactions with clients.

 Experience providing assistance to A&A test and evaluation activities.

 Proficiency with Red Hat Linux/Unix and Kubernetes environments to include Red Hat Certified System

Engineer (RHCSE) or equivalent skills. 5+ years’ experience as Linux system engineer/admin

 Working knowledge of various Cross Domain Service (CDS) technologies and implementations.

 Demonstrated advanced analytical skills: able to use prior experience and knowledge to seamlessly

incorporate new knowledge or information during client interactions.

 Demonstrated ability to work seamlessly with the program and development team to be able to

communicate security practices from the development requirements

 Be able to evaluate proposed security architectures and designs and provide input as to the adequacy of

those security designs to meet required security compliance objectives

 Security certification (Security+ or CISSP)

Desired Skills:

 Current or former Cisco Certified Network Associate (CCNA) and CCNA Security or equivalent skills and

experience

 Proficient, efficient, and confident in writing and deploying Linux/UNIX scripts for system administration

and file management

 Experience with Puppet, and/or Ansible

 Experience with SNOW and ServiceNow

 Experience configuring, securing, managing and troubleshooting Linux/Unix systems

 Familiar with source code control tools such as: git, gitlab, cvs, svn

 Experience with log aggregation tools used for audit log purposes from all sources, including Linux,

Networking equipment, and applications

2

,  Experience with public key infrastructure (PKI), secure shell (ssh) configuration and troubleshooting,

sssd, httpd

 Experience with Amazon Web Services or other cloud technologies

 Experience deploying enterprise monitoring tools such as Grafana

 Experience with VMware

 Experience with relational database technologies such as Oracle and MySQL

 Advanced writing skills: able to clearly articulate ideas for executive level as well as technical staff

consumption

Education and Experience:

 Bachelor’s Degree in Computer Science, Information Technology, related field, plus 10 years of

experience is desired.

3

Source: Clearance Jobs