Sigma is seeking a qualified Information Assurance (IA) candidate to conduct information assurance and vulnerability testing in support of the United States Special Operations Command (USSOCOM). The ideal candidate will have experience providing systems engineering, research and development supporting military satellite communications and networking technologies. The candidate's technical leadership will influence major projects and complex communications systems supporting SOCOM operations. The candidate will provide technical support to the government program manager and be responsible for analyzing current network architectures and developing innovative solutions that address customer technical requirements.
Senior Security Systems Engineer:
- 5 years’ experience in engineering and conducting vulnerability testing on DoD systems
- When performing as an Information Assurance Office or Information Systems Security Officer, an IAM Level II or Level III certification per DoD 8570.01, or successor, must be held and maintained. If performing as a Privileged User (Individuals who have access to system control, monitoring, or administration functions (e.g., system administrator, IAO/ISSO, system programmers, etc.) a final adjudicated Single Scope Background Investigation (SSBI) with an IT level-1 designation in JPAS must be achieved and maintained.
- Current active TS/SCI clearance or the ability to obtain one.
- Possess an in-depth understanding of computer security, military system specifications, DoD IA policies, and the ability to communicate clearly and succinctly in written and oral presentations.
- Experience executing all aspects of the Systems Engineering Technical Review (SETR) Process.
- Possess an in-depth understanding and experience in DoD Information Assurance Certification and Accreditation
- Process (DIACAP), Platform IT (PIT), and the implementation of Cyber Security and IA boundary defense techniques and various IA-enabled appliances. Examples of these appliances and applications are Firewalls, IDS, IPS, Switch/Routers, Cross Domain Solutions (CDS) and Host Based Security Systems (HBSS).
- Experience authoring DoD IA Certification and Accreditation (C&A) artifacts.
- Experience documenting a system from an IA perspective using Microsoft Office including MS Word, MS Excel, MS Visio and other appropriate tools.
- Lead the research, recommend and document logical and physical solutions that prevent, detect and correct the system to be certified and accredited
- Lead the identification of disagreements between as built specifications, security requirements and DoD security policies and design implementations to bring the system into compliance.
- Plan, Develop, execute and document results of security test procedures..
- Lead obtaining Authorization To Operate (ATO) and resolve issues in the event a system is issued an Interim Authorization To Operate (IATO).
- Technical lead identifying and specifying requirements and performing risk assessments.
Key Duties & Responsibilities:
- Provides security engineering analysis on a variety of information systems, analyzing and resolving INFOSEC technical problems.
- Supports the integration of INFOSEC solutions and technologies into networks with particular attention to protocols, interfaces, and system design.
- Conceptualizes and implements security systems, architectures, and tools to include capabilities for cyber situational awareness, trust, resilience, and information assurance.
- Configures testbeds and conducts verification testing, records and analyzes results, and provides recommendations for improvements for the products/systems under test.
- Supports development of security accreditation/certification documentation, and creating and maintaining security policy and procedures.
- Performs security certification engineering analysis, vulnerability assessments, and risk assessments.
- Develops test procedures, establishing test environments, executing security certification test/demonstrations/evaluations, documenting results, and developing reports, conclusions, and recommendations.
- Conducts market research for hardware and software COTS/GOTS network products for network intrusion detection, Customer Usage, Audit trails, Denial of Services, Attack Alert, and other applications for administration of electronics ISS (Internet Security Systems) functions
- Master's Degree in computer science, electronics engineering or other engineering or technical discipline with 10+ years of relevant experience, or Bachelor’s Degree with 15+ years relevant experience.
- Top Secret security clearance.
- DoD 8570 certification IAT-II or IASAE-II (level III preferred)
- Thorough knowledge of security principles, concepts, policy and regulations to include Government security policies to include DoD Information Assurance Certification and Accreditation Process (DIACAP), Risk Management Framework (RMF), COMSEC and NIST 800-53 policy.
- Knowledge of TCP/IP, information security/authorization profiles, or security administration of Unix or Windows network/systems.
- Strong attention to detail and organizational skills. Excellent communications skills.
- Relevant certifications such as CISSP, SEC+, CASP, CISA, CISM, GSEC, GCED, or similar.
- Experience with Navy command, control, and communication systems
- Familiarity with DoD Risk Management Framework (RMF), Information Assurance, DIACAP
- Familiarity with Cross Domain Solutions (CDS) technologies for voice and data sharing.
- Familiarity with Computer Network Defense (CND) technologies including Guard, Firewall, Secure Network Server, format security solutions, "Smart Cards", and emerging technologies and future trends.
- Experience in heterogeneous computer networking technology and work in protocol and/or interface standards specification is preferred.