Information System Security Engineer TS/SCI
- Lead NIST Risk Management Framework (RMF)/ICD-503 requirements development and implementation activities as required for assigned programs.
- Expected to contribute to all Product or Network Information Security Engineering activities pertaining to CDRLs, trade studies, requirements analysis, architecture development, management & compliance, design milestones (SRR, SDR, PDR, CDR) and test/verification activities.
- Ensure Information Security requirements are addressed in all phases of the system development lifecycle (SDLC).
- Perform functional analysis, timeline analysis, detail trade studies, requirement derivation and allocation, and interface definition studies to translate customer Information Security requirements into hardware and software specifications.
- Provide technical leadership for development teams of new multi-discipline (mechanical, electrical, software, RF, etc.) products.
- Responsible for developing internal requirements, CONOPs, data flow diagrams, and interface control documents from customer/product requirements.
- Support full program development lifecycles including concept, design fabrication, production, test, installation, operations, maintenance and disposal.
- Provide technical leadership to development teams at internal and external gate reviews such as technical baseline reviews and design reviews.
- Work closely with program managers, system engineering and other engineering disciplines.
- Brief senior management on all aspects of Information Systems Security Engineering.
- Identify security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives (hardware, software, cross-domain solutions, firewalls, intrusion detection systems, anti-virus systems and software deployment tools).
- Conduct complex security architecture analysis to evaluate and mitigate issues.
- Requires an active Top Secret/SCI security clearance.
- Bach degree(s) in Electrical, Mechanical, Computer, Systems Engineering (or similiar "technical" discipline).
- Minimum of 6 years of Information Security Systems Engineering experience working on system information security architecture development, implementation, integration, and test.
- DoDI 8570 IAT or IAM Level 3 compliant professional certification (i.e. CISSP (or Associate), CASP CE, CCNP Security, CISA, GCED, GCIH, CISM, or GSLC).
- Experience with security assessment and authorization activities required for Federal systems, e.g. RMF, ICD-503, Type 1, DIACAP, etc.