Senior System Security Engineer

**THIS POSITION REQUIRES AN ACTIVE TS/SCI WITH POLY CLEARANCE**

This BI&A PRIME contract is seeking a Senior System Security Engineer to join a team which is responsible for safe-guarding data from unauthorized access or modification ensuring its availability, confidentiality, and integrity.

DUTIES WILL INCLUDE:

• Proposing, coordinating, and enforcing information systems security policies, standards, and methodologies.
• Developing and updating system security plans and other IA documentation.
• Providing change management for security-relevant information system software, hardware, and firmware.
• Maintaining operational security posture for an information system or program.
• Performing analysis of enterprise-level security architectures, network management architectures, communications architectures, and key management architectures, identifying a vulnerability, and providing suggested mitigation alternatives.

EDUCATION REQUIREMENTS:

• Bachelor's Degree in a related Technical Field may be substituted for 4 years’ experience.

REQUIRED EDUCATION AND EXPERIENCE

• 15+ years’ experience performing and providing security support to hardware, software, and applications.
• 7+ years’ experience providing technical guidance to mid-level personnel.
• Experience developing technical documentation.
• Technical experience with:
  • XACTA, Gatekeeper, ROCBLASTER, KnightSupreme, LatteArt, and CASPORT
  • Review system logs
  • Taking a system to ATO and reauthorization of systems
  • Creating data flow diagrams
  • Secure the Enterprise Initiatives
  • Audit reduction tools (SEAR, SPLUNK)
  • Basic Unix operating system commands and log files
  • Analytical and creative problem-solving skills to resolve information security challenges.
  • Organizational skills to balance and prioritize work.
  • Interpersonal skills to interact with customers, senior level personnel, and team members.
  • Effective written and oral communication with multiple levels of leadership involving both business and technical sides of the business.
  • Understanding of the Risk Management Framework (RMF), Committee on National Security Systems (CNSS) Instruction 1253 and the National Institute for Standards and Technology (NIST) 800-53 security controls.

DESIRED EXPERIENCE:

• CISSP certification.
• Previous client ISSO experience
• Experience with IAVAs, audit events, and managing entitlements