Job Title: Lead, Info Security Systems Engineer

Job Code: SAS20230205-100319

Job Location: Palm Bay, FL

Job Description:

Essential Functions:

• Expected to contribute to all Product or Network Information Security Engineering activities pertaining to CDRLs, trade studies, security requirements analysis, secure architecture development, management & compliance with security controls, design review milestones (SRR, SDR, PDR, CDR) and security test/verification activities.
• Ensure RMF Information Security requirements and Program Protection requirements are addressed in all phases of the System Development Lifecycle (SDLC).
• Perform functional analysis, timeline analysis, detailed trade studies, requirements derivation and allocation, and interface definition studies to translate customer Information Security requirements into hardware and software specifications.
• Provide Information Assurance (IA) technical leadership for development teams building new multi-discipline (mechanical, electrical, software, RF, etc.) products.
• Responsible for developing security overlays, data flow diagrams, internal requirements, CONOPs and interface control documents from customer / product requirements.
• Provide IA technical leadership to development teams at internal and external gate reviews such as technical baseline reviews and design reviews.
• Work closely with Program Managers, Systems Engineering and other engineering disciplines.
• Brief senior management on all aspects of Security Engineering.
• Identify security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives (hardware, software, cross-domain solutions, cryptographic devices, firewalls, intrusion detection systems, anti-virus systems and software deployment tools).
• Conduct complex security architecture analysis to evaluate and mitigate risks.
• Experience in writing and managing RMF body of evidence documents (e.g., System Security Plan (SSP), Security Compliance Traceability Matrix (SCTM), Certified Test Plan (CTP), Risk Assessment Report (RAR), Continuous Monitoring (ConMon) Plan, Plans of Action and Milestones (POA&M), and Security Assessment Plans and Procedures (SAPP).
• Working knowledge of Host Based Security System (HBSS).
• Knowledgeable with application of STIGs and SCAP.
• Experience with RMF body of evidence tools such as eMASS, SNOW or XACTA
• Experience in configuration and use of cyber defense and vulnerability assessment tools such as ACAS and SCC.
• General understanding of vulnerability analysis tools such Tenable NESSUS Security products.
• Knowledge of with Satellite Security Architectural Design and NSA Type-1 Cryptographic implementations
• Previous experience with government risk assessments of space architectures and developing Key Management Plans (KMPs)
• Knowledge of the content development and administration of SEIM/audit reduction tools (e.g., Splunk).
• Experience in creating system test cases and evaluation methods and RMF assessment methodology & process.
• Experience using Redhat
• Job is 100% on-site in Melbourne/Palm Bay Florida

Qualifications:

• Bachelor’s Degree and minimum 6 years of prior relevant experience, or Graduate Degree and a minimum of 4 years of prior related experience or In lieu of a degree, minimum of 13 years of prior related experience.
• DoD 8570.01-M IASAE Level 2 certification (e.g. CASP+ CE or CISSP (or Associate)).
• Active TS/SCI Security Clearance.

Preferred Additional Skills:

• DoD 8570.01-M IASAE Level 3 certification (e.g. CISSP - ISSEP or ISSAP).
• Experience with administration and securing Linux (RHEL/CentOS), Microsoft products including Windows Server 2016+, Windows 10, Microsoft System Center Configuration Manager, and WSUS.
• Foundational knowledge of Layer 3 architecture and diagramming within Visio (or equivalent).
• Basic understanding of routing and switching as employed in telecommunications and network traffic.
• General knowledge of common threats to information systems and how compromise would damage system integrity.
• Capable of supporting management of VLANs, VRF, virtual switching, multi-layer switching, Multi-layer Firewalls, ACLs, secure configuration, bulk link encryption (KGs).
• Supporting account management, PKI cert management, LDAP configuration/management.
• Scripting experience (Bash/Shell, Python, Perl, PowerShell).
• TS/SCI with Poly is highly desired.