Information Systems Security Engineer (96414BR)

  • ManTech International
  • 02/26/2018

Job Description

USA, COLORADO, COLORADO, Springs Full-Time Security Clearance: Secret Provide subject matter expertise and capability to consult/troubleshoot security related matters for enterprise information systems and network architectures, system access problems and implementation of security policies and procedures. Ensure security access and protect against the unauthorized access, modification, or destruction of systems or data. Demonstrate familiarity with a variety of security concepts, practices, and procedures, including the importance of building security requirements and practices into the systems engineering process and the software development lifecycle. A wide degree of security-relevant creativity and latitude is expected. The Information System Security Engineer reports to the Information System Security Engineer Lead. Apply solid knowledge of information security principles and practices. Manage and maintain the security integrity of all IT systems and network architectures. Ensure systems are securely operated, maintained, and disposed of in accordance with security policies and practices defined by the federal government and outlined in the security plan. Ensure all system users have the correct authorizations and privileges to perform their jobs, and are aware of their security responsibilities while accessing the system. Provide training to system users on preferred security practices. Author risk assessments and support certification and accreditation activities. Participate in system reviews, to include custom, COTS and GOTS software and hardware, and in-house software development, and provide recommendations for securing the systems and software. Provide daily, ongoing security oversight of assigned systems, to include the security impact of proposed modifications, additions, and technology refresh evolutions Advise users of the security features and procedures used in their ISs Understand system security vulnerabilities and associated threats, and assess the overall security risks to the system. Provide mitigation recommendations to reduce identified security risks Work directly with internal IT staff and customer to establish and enforce IT security best practices, protection objectives, process improvements and effective IT security controls Perform system vulnerability scanning using approved software tools Thoroughly understand software installations, systems monitoring and troubleshooting, account management, and overall efforts to minimize system downtime Thoroughly understand the administration of critical server infrastructure, including stand-alone and virtual servers, server backup and recovery, and platforms such as file servers and web servers Provide support to the administration staff for security-relevant applications, such as IDS/IPS and log manager, and associated accounts. Assist in IT security incident response and documentation. Perform regularly scheduled security reviews (e.g., technology, operations and personnel). Serve as the primary interface to government compliance and policy teams to ensure the system consistently meets the requirements for certification and accreditation. Participate in designing and managing IT Security strategy including both infrastructure and applications. Lead security and compliance based projects. Consult with users to determine requirements, and provide security solutions to meet needs. Assist with projects involving database and security issues and requirements. Working Hours: Day, 8AM – 5PM, Some on call See Qualifications / Associated Degree (field mathematics, telecommunications, electrical engineering, computer engineering, computer science) and two (2) to four (4) years of related experience or Bachelor's Degree (field mathematics, telecommunications, electrical engineering, computer engineering, computer science) and zero (0) to two (2) years of related experience, Experience in lieu of stated degrees is acceptable. Experience on security directives, policies, publications and regulations Experience in creating System Security Plans Experience in IT security certifications (CIPP. CompTIA Security, CPP, PSP and alarm/badge systems) Possess clear understanding of security protocols and standards and have experience with software and security architectures. Understand how to design and implement security tests in accordance with stated criteria Experience with security practices of Intranet and Extranet Experience with packet analyzers Experience with Linux/UNIX Windows servers, MS SQL Experience understanding protocols, such as, SSL/TLS, CIFS, HTTP/S, DHCP, SMTP, LDAP/S and DNS Experience in networking concepts and services, such as, VPNs, IPSec, PKI and TCP/IP Expertise with the accreditation process, such as DIACAP, with knowledge of NIST 800.53 ManTech International Corporation is comprised of approximately 7,300 talented employees who use advanced technology to help government and industry meet some of their greatest challenges around the world. We adhere to the simple, no-nonsense values on which ManTech was founded more than four decades ago, aligning squarely with the mission objectives of our customers. As our customer base continues to expand and diversify, we continue to diversify our workforce and solutions. Nearly half our employees have a military background, and approximately 70 percent hold a government security clearance. As a leading provider of innovative technology services and solutions for the nation's defense, security, health, space, and intelligence communities; we hold nearly 1,100 active contracts with more than 50 different government agencies JBManTech ICJBMeta