What are the responsibilities and job description for the Information Systems Security Engineer (ISSE) - Clearance Required position at Logistics Management Institute?
Overview
LMI seeks a skilled Cybersecurity Information Systems Security Engineer (ISSE) to support activities related to shipyard modernization as part of enterprise-wide U.S. Navy strategic modernization and improvement efforts. LMI is helping NAVSUP, NAVSEA, and the shipyards use technology to track materiel through the shipyards to address long-standing problems.
LMI : Innovation at the Pace of Need™
At LMI, we're reimagining the path from insight to outcome at the new speed of possible. Combining a legacy of over 60 years of federal expertise with our innovation ecosystem, we minimize time to value and accelerate mission success. We energize the brightest minds with emerging technologies to inspire creative solutioning and push the boundaries of capability. LMI advances the pace of progress, enabling our customers to thrive while adapting to evolving mission needs.
Responsibilities
- Define system security requirements in coordination with security stakeholders including system engineers, program managers, security control assessors, and authorizing officials.
- Ensure cybersecurity requirements are identified, allocated, implemented, verified, and continuously monitored throughout the system life cycle.
- Provide independent cybersecurity advice and guidance to government stakeholders and contractor team members.
- Participate in recurring cybersecurity working group meetings.
- Develop or review system security designs and architectures, including those for IoT or OT devices.
- Support Assessment and Authorization (A&A) cybersecurity reviews, identify gaps, and support risk management plans for cybersecurity personnel to execute.
- Support the Risk Management Framework (RMF) process for each product in the portfolio.
- Provide SME level cybersecurity engineering support and input to product leads and cybersecurity teams to produce authority to operate (ATO) packages and successfully achieve ATOs.
- Support interim authority to test (IATT), risk assessment / acceptance, and all other ATO related activities.
- Interpret security control noncompliance to determine the impact on levels of risk and / or overall effectiveness of the enterprise's cybersecurity program.
- Work with product teams to identify controls, develop appropriate mitigations, and develop and track Program of Action and Milestone (POAM) documents to ensure that ATO packages are technically sound before submission to the program cyber staff for review.
- Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
- Advise system engineers on the best methods to remediate vulnerability findings through the use of security scanning tools and DoD / Industry best practices.
- Support cybersecurity engineering analysis of alternatives, tradeoffs, and risk treatment decisions.
- Work with interdisciplinary teams to deliver trustworthy and secure systems.
Qualifications
Required :
Desired :