TIAG is now hiring an ISSE (Information Systems Security Engineer) to join our team in Port Hueneme, CA.
TIAG supports NAVFAC Engineering and Expeditionary Warfare Center (EXWC) by providing cyber engineering and technology support services including Cybersecurity support, Lab Management and Technology Development support, Control System Engineering support, Cyber Programmatic Support and Training Services in support of all NAVFAC personnel, stakeholders and users throughout the world.
As the Information Systems Security Engineer, you will provide support in operational, technical and process of system A&A packages, to include development and analysis of required policies and other deliverables as required throughout RMF lifecycle. Provide full RMF lifecycle support, including, but not limited to, assistance with system security categorization, system security control selection, tailoring, enhancement, compensation and supplementation, system security control assessments and implementation, artifacts, and continuous monitoring support.
Responsibilities Include

• Works closely with system owners to guide them through RMF lifecycle of Operational Technology (OT) systems
• Determines the appropriate information types and identifies applicable security controls based on Confidentiality, Integrity, and Availability impact
• Assists architects and systems developers in the identification and implementation of appropriate information security control to ensure uniform application of security policy and enterprise solutions
• Validates and verifies system security requirements definitions and analysis to establish system security designs using tools like DoD ACAS, STIGs, SCAP, and Vulnerator
• Reviews assessment and authorization (A&A) documentation, providing feedback on completeness and compliance of its content
• Assesses and mitigates system security threats/risks throughout the program life cycle
• Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations
• Applies system security engineering expertise in one or more of the following: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security testing
• Support security authorization activities in compliance with DoD Risk Management Process (RMF) process and other DoD and DoN policies and procedures
• Participates as a security engineering representative on engineering teams for the design, development, implementation and/or integration of secure networking, computing, and enclave environments
• Applies knowledge of cyber security policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments
• Supports security planning, assessment, risk analysis, and risk management
• Travel: Up to 20%

Required Experience

• Bachelor of Science (B.S.) in Information Technology, Cybersecurity, Engineering or similar preferred
• DoD Secret Clearance
• An Information Assurance certification in compliance with DoD 8570 (e.g. Security , CISSP) (IAT Level II) is required
• 3 years of experience with the development, review and approval of Navy RMF A&A/DIACAP C&A packages for software systems and enclaves; Assured Compliance Assessment Solution (ACAS) experience desired
• Experience with ICS/SCADA systems
• Experience with DoD Enterprise Mission Assurance Support Services (eMASS) & Vulnerability Remediation Asset Manager (VRAM)
• Experience with IA / INFOSEC concepts and requirements: Firewall Policy, Ports & Protocols, Cybersecurity, Cybersafe, DoD A&A processes and standards, etc.
• Experience with the Defense Information Systems Agency published Security Technical Information Guidance (STIG) requirements and compliance process, SCAP Content Checker, Security Readiness Review (SRRs), and other DoD approved tools like Vulnerator
• Ability to manage time well to meet assigned milestones
• Strong communication skills; motivated to investigate, analyze, and document system issues and resolutions; provides consistent status updates to ensure IT security projects stay focused
• Strong work ethic and a proven professional - respectful, dependable, takes initiative and follows through

In California, the standard pay range for this role is $130,000- $150,000 annually. This range is specific to California and may not be applicable in other locations.
TIAG is an equal opportunity and affirmative action employer that does not discriminate on the basis of race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. TIAG's policy applies to all terms and conditions of employment. To achieve our goal of equal opportunity, TIAG maintains an affirmative action plan through which it makes good faith efforts to recruit, hire, and advance in employment qualified minorities, women, individuals with disabilities, and protected veterans.