Information Systems Security Engineer

Information Systems Security Engineer (ISSE)

Job Summary:

At SandTech Solutions we are committed to “Enabling Success” of our client’s missions. As such, we are searching for a skilled The Information Systems Security Engineer to perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations and recommend mitigation strategies.

Requirements:

• Active Top Secret (TS) / SCI Eligible with Full Scope Polygraph
• Bachelor' s degree in Computer Science , Information Assurance, Information Security System, Engineering, or related discipline from an accredited college or university
  1. Four (4) years of additional ISSE experience may be substituted for a bachelor' s degree.
• Fourteen (14) years’ experiences as an ISSE on programs and contracts of similar scope , type, and complexity within the Federal Government
• Active CISSP Certification

Responsibilities include: 

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions

• Validates and verifies system security requirements definitions and analysis and establishes system security designs. Designs, develops, implements and /or integrates IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements.
• Builds IA into systems deployed to operational environments.
• Assists architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions.
• Supports the building of security architectures.
• Enforces the design and implementation of trusted relations among external systems and architectures. Assesses and mitigates system security threats/risks throughout the program life cycle.
• Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. Review’s certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content.
• Applies system security engineering expertise in one or more of the following to: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security testing.
• Support security authorization activities in compliance with NSA/CSS Information System Certification and Accreditation Process (NISCAP) and DoD Information Assurance Certification and Accreditation Process (DIACAP) process, the NIST Risk Management Framework (RMF) process, and prescribed NSA/CSS business processes for security engineering.
• Participates as a security engineering representative on engineering teams for the design, development, implementation and/or integration of secure networking, computing, and enclave environments.
• Participates as a security engineering representative on engineering teams for the design, development, implementation and/or integration of IA architectures, systems, or system components.
• Participates as the primary security engineering representative on engineering teams for the design, development , implementation, evaluation, and /or integration of secure networking, computing, and enclave environments.
• Participates as the primary security engineering representative on engineering teams for the design, development, implementation, evaluation , and/or integration of IA architectures, systems, or system components.
• Supports the Government in the enforcement of the design and implementation of trusted relationships among external systems and architectures.
• Applies knowledge of IA policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments.
• Supports security planning, assessment , risk analysis, and risk management.
• Identifies overall security requirements for the proper handling of Government data.
• Interacts with the customer and other project team members.
• Performs system or network designs that encompass multiple enclaves, to include those with differing data protection/classification requirements.
• Provides security planning, assessment , risk analysis, and risk management.
• Recommends system-level solutions to resolve security requirements.
• Supports the Government in the enforcement of the design and implementation of trusted relationships among external systems and architectures.
• Performs other related duties as assigned within the contract scope

Skills, Knowledge, and Competencies

• Communication skills - able to communicate in a clear, articulate, and professional manner on a daily basis via written and oral communications with customer contracting representatives, employees, and subcontract/teaming partner contracting organizations.
• Interpersonal and Customer Relations skills – able to maintain a professional and courteous attitude with employees and third-party individuals at all times to resolve conflicts and address any issues within the contractual structure and regulations.
• Planning/Organizational skills - able to prioritize work activities, use time efficiently and work through projects in a self-motivated manner balancing efforts between contracts, vendor agreements, and pricing requests.
• Adaptability – able to adapt to rapid changes in the work environment, manage competing demands and able to deal with frequent
• change, delays, or unexpected events.
• Problem-solving skills – able to identify and resolve problems in a timely manner; gather and analyze information skillfully; able to apply independent judgment on a regular basis in making decisions.
• Time Management skills – able to use time effectively in a semi-supervised fashion, pursuing other activities when regular duties have reduced in volume; able to complete projects in a timely manner. Will work with occasional supervision over repetitive tasks.
• New duties or project type tasks may receive “strict” or “direct” supervision, depending upon the nature of the task(s).

Physical Requirements:

• Prolonged periods of sitting at a desk and working on a computer.
• Must be able to lift up to 15 pounds at times.

AAP/EEO Statement

It is the policy of SandTech Solutions to provide an equal employment opportunity for all applicants and employees.  The Company does not unlawfully discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, national origin, ancestry, age, medical condition, disability, workers’ compensation status, or veteran status.

Job Information Summary:

Location: San Antonio, TX

Job Type: 40 hours per week Mon - Fri

At SandTech, our employees enjoy benefits to support their physical, financial, and emotional wellness. These benefits include comprehensive medical, dental and vision plans, 401(k), life insurance, paid time off program with paid holidays and various wellness programs. Additionally, our career path planning assists employees with their professional goals.