What are the responsibilities and job description for the Information Systems Security Engineer (ISSE) position at Quality Business Engineering?

Job Type

Full-time

Description

DESCRIPTION :

The Information System Security Engineer (ISSE) III is responsible for conducting comprehensive security assessments, including Federal Management System (FISMA) reviews, to identify vulnerabilities and ensure compliance with relevant security standards and regulations.

KEY RESPONSIBILITIES :

Collaborate with various stakeholders across the organization to evaluate security controls, provide remediation guidance, and promote a secure IT environment
Lead and conduct comprehensive security assessments of information systems, applications, and infrastructure, including FISMA reviews
Evaluate the effectiveness of security controls and identify vulnerabilities
Analyze security risks and provide recommendations for mitigation
Develop and maintain security assessment methodologies and tools
Ensure compliance with FISMA requirements and guidelines
Develop and maintain FISMA documentation, including System Security Plans (SSPs), risk assessments, and continuous monitoring plans
Conduct FISMA audits and assessments
Provide guidance and support to system owners on FISMA compliance
Identify and analyze security vulnerabilities in systems and applications
Prioritize vulnerabilities based on risk and impact
Develop and implement remediation plans
Track and report on vulnerability remediation progress
Review and evaluate security architecture designs
Provide security guidance and recommendations to architects and engineers
Ensure that security controls are integrated into system designs
Collaborate with system owners, IT staff, and other stakeholders to conduct security assessments and implement remediation measures
Communicate effectively with technical and non-technical audiences
Provide security awareness training and guidance.
Take directions from the Assessment Services Team Lead
Mentor and Direct subordinate Assessment Services Team staff

Requirements

REQUIRED QUALIFICATIONS :

BA / BS in Computer Science / Computer Engineering / Information Systems or closely related field (HS and 4 years of additional experience or AS and 2 years of additional experience may be exchanged in lieu of BA / BS)

9 years total experience (Relevant Master's Degree may be exchanged for 2 years' experience credit or a relevant PhD may be exchanged for 4 years' experience credit)

5 years of position-specific relevant experience

Strong understanding of security frameworks, standards, and regulations, such as NIST, ISO 27001, and FISMA

Experience conducting vulnerability assessments and penetration testing

Knowledge of security technologies, such as firewalls, intrusion detection / prevention systems and security information and event management (SIEM) tools

Excellent analytical and problem-solving skills

Active CompTIA Security

Active Certified Information Systems Security Professional (CISSP)

Active Certified Information Security Manager (CISM)

Ability to work independently and in an agile, collaborative team environment

Active US Government Clearance at Secret level or higher

Effective written and verbal communications skills for collaboration with both customers and fellow team members

Ability to sit for extended periods of time and regularly lift at least 25 pounds

Ability to commute to the designated onsite work location as required

DESIRED ADDITIONAL QUALIFICATIONS :

7 years of experience in information security, with a focus on security assessments and FISMA compliance

Experience in current authorization practices, particularly within the DoD

Experience with cloud security assessments

Knowledge of scripting or programming languages

Experience and / or certifications associated with RMF, ICD 503, NIST SP800-53 or DCID 6 / 3. Windows, Linux, UNIX, Cisco, SQL or Oracle databases, and virtualized systems certification. Red Hat Enterprise License (RHEL) Linux 7, ACAS, Tenable, and one or more SIEM certifications

Relevant certifications, such as CISSP, CISM, CISA, or CAP

Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), Certified Cloud Security Professional (CCSP), AWS Certified Security Specialty, Azure Security Engineer Associate, Certified in Risk and Information Systems Control (CRISC), ISO 27001 Lead Auditor

Master's degree in Computer Science / Computer Engineering / Information Systems or closely related field

QBE is an equal opportunity / affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender, gender-identity and / or expression, age, disability, Veteran status, genetic information, pregnancy (including childbirth, lactation, or other related medical conditions), marital-status, neurodivergence, ethnicity, ancestry, caste, military / uniformed service-member status, or any other characteristic protected by applicable federal, state, local, or international law.

Apply for this job

Receive alerts for other Information Systems Security Engineer (ISSE) job openings

Information Systems Security Engineer (ISSE)

What are the responsibilities and job description for the Information Systems Security Engineer (ISSE) position at Quality Business Engineering?

What is the career path for a Information Systems Security Engineer (ISSE)?

Job openings at Quality Business Engineering

Not the job you're looking for? Here are some other Information Systems Security Engineer (ISSE) jobs in the Doral, FL area that may be a better fit.

We don't have any other Information Systems Security Engineer (ISSE) jobs in the Doral, FL area right now.

AI Assistant is available now!