Updated: 4/29/2012
ATO-4351: Senior System Security Engineer/Information Assurance EngineerPlease click on the Position Title to view the full job description. The columns in this table can be re-sorted by clicking on the column heading.
ATO-4351: Senior System Security Engineer/Information Assurance Engineer
Location: FL - Orlando
Clearance Requirement: TS / SCI
POSITION DESCRIPTION:
Provide in-depth information assurance knowledge and support to the Space Missile Command's western and eastern ranges Information Assurance activities. This support is required at the strategic (acquisition) and tactical (upgrades, day-to-day O&M) level. The ISSE is the technical information security (INFOSEC) lead who works with the Program Manager, Program Security Officers, System Engineers and others on the system acquisition team. As the INFOSEC technical lead, the ISSE is responsible for areas such as identifying INFOSEC requirements, defining security aspects of system architectures, determining testing requirements and methodologies, and conducting analytical risk management activities related to the development of information systems. The ISSE will ensure documentation required for certification packages are complete and support verification of the system requirements. Depending on program needs the ISSE may also be required to produce C&A documentation. The key objective of the ISSE is to make INFOSEC an integral part of the systems engineering and system acquisition process; ensure a strong customer focus; provide effective security measures in support of customer mission needs; integrate the security disciplines to provide optimal information system security solutions and make the ISSE a key member of the team that develops a system with security requirements.
EXPERIENCE REQUIREMENTS:
- Minimum of 10 years of experience in one or more of the engineering disciplines of computer, electrical, or mechanical engineering or sub-disciplines related to them including, but not limited to the following examples: aerospace, electronic systems, information theory, computer science, communications, telecommunications, network, computer, software, information security (INFOSEC), communications security (COMSEC), engineering management, computer security, or other engineering disciplines.
- Experience performing engineering services that may include but are not limited to the following: engineering studies and analysis; technology planning; systems architecture development; requirements development; concept development; systems design; system development and integration; test and evaluation; systems operation;; control of systems and components; integrated logistics support; modeling and simulation; configuration management; security test and evaluation; security certification testing; independent verification and validation; penetration testing; auditing; ethical hacking; information assurance control testing and validation; information system security policy; supervisory control and data acquisition (SCADA); information protection needs elicitation; and systems acquisition and life-cycle management in compliance with current Industry and Government practices.
- Familiarization with the western and/or eastern launch ranges IA systems, architecture, and operations.
- Working knowledge with one or more of the following: Department of Defense IA Certification and Accreditation Process (DIACAP), National Information Assurance Certification and Accreditation Process (NIACAP), National Institute of Standards and Technology (NIST) 800 series, Intelligence Community Directive 503 (ICD 503), Director of Central Intelligence Directive 6/3 (DCID 6/3), and the Information Assurance Technical Framework (IATF)
- Knowledge of system functions, security policies, technical security safeguards, and operational security measures
- Works independently; applies expert knowledge of state-of-the-art technologies; able to provide technical guidance to project leaders and program managers.
- Serves as a technical advisor on complex problems to other staff members; stimulates others through ideas and information.
- Recognized authority within field of expertise and extensive knowledge of related fields.
- Ability to communicate effectively and interact with senior government representatives.
- Familiarity with technologies and applications relating to web services, service oriented architecture, intrusion detection/prevention, anti-virus, and firewalls.
- One or more of the following certifications are highly desired:
o CISSP and/or ISSEP
o CISM - Certified Information Security Manager
o CEH - Certified Ethical Hacker
o CPT - Certified Penetration Tester
Education
- Bachelor's Degree or higher in engineering or related discipline as described in the Experience Requirements section above.
- Advanced degree holders will require shorter periods of General Experience than holders of Bachelor Degrees.
o 8 years for holders of a Masters degree
o 5 years for holders of a Doctorate degree,
- An additional 8 years of General Experience may be used in lieu of a Bachelor Degree.
Must hold active TS/SCI clearance. US Citizenship required.
|
