PAE, Inc Senior Systems Security Engineer in Fredericksburg, Virginia
Supporting the Most Exciting and Meaningful Missions in the World
Senior Systems Security Engineer
The Senior Systems Security Engineer’s responsibilities include security system deployments, configuration, monitoring and reporting. This is a “ hands-on “position which will have a lead role in performing vulnerability assessments, security testing, and working with operations and development teams on remediation and mitigation of findings.
Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information.
The Senior Systems Security Engineer’s responsibilities include:
Provide support to planning, designing and implementing security controls which safeguard and monitor events for information systems, enterprise applications and data.
Assess current and planned information systems, identifying security architecture issues, and designing solutions for gaps
Conduct Site Assessment Visits (SAV) as required to evaluate information security posture at remote sites
Analyze, troubleshoot, and investigate security-related, information systems’ anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts
Maintain, configure, and analyze network and host-based security platforms
Participates in Security Operations Center (SOC) activities and responds to security incidents
Conduct log reviews using designated Security Information & Event Management (SIEM) platform
Evaluate systems using vulnerability scanners and manual techniques to verify system security settings and configurations
Provide reoccurring reports for network and host-based security solutions
Provide Computer Incident Response Team (CIRT) support as needed in response to information security related events
Performs Information System Security Manager/Information System Security Officer (ISSM/ISSO) duties on assigned government-authorized systems;
Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, A&A packages, and Security Controls Traceability Matrix (SCTM)
Supports security authorization activities in compliance with Risk Management Framework (RMF)
Obtain Approval to Operate (ATO) for systems
Assist in the evaluation of security solutions to ensure they meet security requirements for processing classified information
Develops Information System Security (ISS) documentation (SSP, CMP, etc.) to support the Assessment & Authorization (A&A) of assigned systems;
Implement Security Technical Implementation Guides (STIG) and Security Requirements Guide (SRG) as required on designated systems
Performs ISS controls assessments as part of the systems’ Continuous Monitoring Plan; oversees configuration management of assigned systems; performs periodic hardware/software inventory assessments; identifies system security controls shortcomings and develops POA&Ms, playing a leading role with remediating control deficiencies; conducts, documents and reports annual ISS Self Assessments.
Maintain and update relevant system and process documentation and develop ad-hoc reports as needed
Assist the development of security tool requirements, trials, and evaluations, as well as security operation procedures and processes
Establish and maintain a strong working relationship with all team members
Provide off-hours support on an infrequent, but as needed basis
Due to the nature of work performed within our facilities, U.S. citizenship is required. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information.
The successful Senior Systems Security Engineer must have:
This position requires, at minimum, an active Secret Clearance; Top Secret preferred
Bachelor's in Computer Science or Information Systems and 8 years of demonstrated results, or equivalent experience.
Current CISSP certification
Prior ISSO or ISSM experience
Experience with the NIST/FISMA regulatory and compliance requirements
Be able to effectively manage multiple tasks simultaneously; coordinating and ensuring scheduled goals are met
Experience working with DoD classified IT system security configuration and processes is highly desirable
Well versed in IT government security accreditations and certification IAW NISPOM, NIST, DIACAP and other approved government IT security standards, policies and directives
Experience using vulnerability scanning tools such as Nessus and Acunetix
Experience with Network-based Intrusion Detection/Prevention Systems (IDS/IPS) and Host-based Intrusion Detection/Prevention Systems (HIDS/HIPS)
Must have experience in Security Risk Assessment/analysis support.
Must have excellent communication and customer interface skills.
Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information
Strong experience with documenting test environments, requirements, results and POAM resolution
Candidates must be able to travel 10% of the time.
Other desire skills and experience:
Systems Engineering, Integration, and Technical Support for IA.
Training Support for IA.
Cross Domain Solutions (CDS) and Multi-level Security (MLS) Support.
Cryptographic Program Support.
Knowledge and of SOA Security Concepts.
MS Windows Server 2008, 2012 experience.
An Equal Opportunity Employer. PAE’s hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran’s status, ancestry, sexual orientation, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law.
EEO is the Law Poster at http://www1.eeoc.gov/employers/upload/eeocselfprint_poster.pdf
JOIN OUR TALENT NETWORK at http://www.jobs.net/jobs/pae/join
PAE is a leading provider of enduring support for the essential missions of the U.S. government, its allied partners and international organizations. With over 60 years of experience, PAE supports the execution of complex and critical missions by providing global logistics and stability operations, technical services and national security solutions to customers around the world. PAE has a workforce of approximately 15,000 people in over 60 countries on all seven continents and is headquartered in Arlington, VA.
If you need a reasonable accommodation for any part of the employment process, please contact us by email at firstname.lastname@example.org and let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis.