Information Systems Security Engineer Resume Samples

4.5 (104 votes) for Information Systems Security Engineer Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the information systems security engineer job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

Resume Builder
CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.
USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.
SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

Create a Resume in Minutes
SK
S Kuphal
Susan
Kuphal
32778 Deja Canyon
Chicago
IL
+1 (555) 874 1624
32778 Deja Canyon
Chicago
IL
Phone
p +1 (555) 874 1624
Experience Experience
Dallas, TX
Information Systems Security Engineer
Dallas, TX
Sauer and Sons
Dallas, TX
Information Systems Security Engineer
  • Knowledge of data backup, types
  • Participates as a security engineering representative on engineering teams for the design, development, implementation and/or integration of secure networking, computing, and enclave environments
  • Participates as a security engineering representative on engineering teams for the design, development, implementation and/or integration of IA architectures, systems, or system components
  • Participates as the primary security engineering representative on engineering teams for the design, development, implementation, evaluation, and/or integration of secure networking, computing, and enclave environments
  • Participates as the primary security engineering representative on engineering teams for the design, development, implementation, evaluation, and/or integration of IA architectures, systems, or system components
  • Supports the Government in the enforcement of the design and implementation of trusted relationships among external systems and architectures
  • Applies knowledge of IA policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments
Detroit, MI
Senior Information Systems Security Engineer
Detroit, MI
Ritchie, Weber and O'Conner
Detroit, MI
Senior Information Systems Security Engineer
  • Assesses performance using evaluation criteria and technical performance measure
  • Providing feedback to design engineers and evaluates end-to-end systems and systems-oriented products through their entire life cycles
  • Conducts research and evaluates technical performance of software products and overall segments and systems
  • Perform Certification and Accreditation (C&A) to existing and new systems
  • Prepare and provide DHS formatted System Security Plan
  • Support security planning, assessment, risk analysis, and risk management
  • Perform installation and processing of new security products and procedures
present
San Francisco, CA
Principal Information Systems Security Engineer
San Francisco, CA
Wilkinson, White and Bahringer
present
San Francisco, CA
Principal Information Systems Security Engineer
present
  • Apply knowledge of IA policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments
  • Provide security planning, assessment, risk analysis, and risk management
  • Develop security standards operating procedures and processes
  • Perform system audits to assess security issues, mitigate findings, and report results
  • Participate in architectural design development, system integration and installation configuration and testing for TS/SCI information Systems
  • Work closely with ISSO and IAM for day-to-day operational support
  • Provide leadership and direction to IA operations personnel
Education Education
Bachelor’s Degree in Computer Science
Bachelor’s Degree in Computer Science
Carnegie Mellon University
Bachelor’s Degree in Computer Science
Skills Skills
  • Seven (7) or more years of IA experience to include knowledge of current security tools; hardware/software security implementation; communication protocols; and encryption techniques/tools
  • Knowledge of data backup, types
  • Knowledge of host/network
  • Perform or review technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies
  • Experience leading Information Assurance activities and supporting Information System Security Officers (ISSOs) on Intelligence Community (IC) programs and contracts
  • Advanced analytical skills: able to use prior experience and knowledge to seamlessly incorporate new knowledge or information during client interaction
  • Apply knowledge of IA policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments
  • Participate as the primary security engineering representative on engineering teams for the design, development, implementation, evaluation, and/or integration of IA architectures, systems, or system components
  • Participate as the primary security engineering representative on engineering teams for the design, development, implementation, evaluation, and/or integration of secure networking, computing, and enclave environments
  • Strong communications skills – specifically, the ability to communicate effectively with peers, decision makers, and researchers
Create a Resume in Minutes

15 Information Systems Security Engineer resume templates

1

Information Systems Security Engineer Resume Examples & Samples

  • 14 years of experience as an information systems security engineer on programs and contracts of similar scope, type, and complexity required
  • Experience with supporting security authorization activities in compliance with Information System Certification and Accreditation Process (NISCAP) and DoD Information Assurance Certification and Accreditation Process (DIACAP) process, the NIST Risk Management Framework (RMF) process, and prescribed CSS business processes for security engineering
  • BA or BS degree or 4 years of experience with information systems security engineering in lieu of a degree
  • DoD 8570.01-M Compliance with IASAE Level II required
  • Experience as a primary security engineering representative on engineering teams for the design, development, implementation, evaluation, or integration of secure networking, computing, and enclave environments and of IA architectures, systems, or system components
  • Experience with supporting security planning, assessment, risk analysis, and risk management and identifying overall security requirements for the proper handling of government data
  • Experience in interacting with a client and other project team members
  • Experience with performing system or network designs that encompass multiple enclaves, including those with differing data protection and classification requirements
  • Knowledge of IA policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments
2

Information Systems Security Engineer Resume Examples & Samples

  • Knowledge of data backup, types
  • Knowledge of incident response
  • Knowledge of network protocols
  • Skill in applying host/network
  • Understanding of network
  • Understanding of major
  • Knowledge of common scripting languages
3

Information Systems Security Engineer Resume Examples & Samples

  • Perform or review technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies
  • Validate and verify system security requirements definitions and analysis and establish system security designs
  • Assess and mitigate system security threats/risks throughout the program life cycle
  • Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations
  • Review certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content
  • Participates as a security engineering representative on engineering teams for the design, development, implementation and/or integration of secure networking, computing, and enclave environments
  • Participates as a security engineering representative on engineering teams for the design, development, implementation and/or integration of IA architectures, systems, or system components
  • Participates as the primary security engineering representative on engineering teams for the design, development, implementation, evaluation, and/or integration of secure networking, computing, and enclave environments
  • Participates as the primary security engineering representative on engineering teams for the design, development, implementation, evaluation, and/or integration of IA architectures, systems, or system components
  • Supports the Government in the enforcement of the design and implementation of trusted relationships among external systems and architectures
  • Applies knowledge of IA policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments
  • Supports security planning, assessment, risk analysis, and risk management
  • TS/SCI level clearance with full-scope or CI POLY within last 4 years
  • A minimum of 7 years of experience as an Information Systems Security Engineer
  • Knowledge of IA policy, procedures, and workforce structure to necessary to design, develop, implement, evaluate and/or integrate secure networking components
  • The ability to identify security requirements for the proper handling of Government data
  • Demonstrated experience with in the following areas of responsibility
4

Information Systems Security Engineer Resume Examples & Samples

  • Minimum of four (4) years' experience with Certification and Accreditation (C&A) of SCI/SAP/collateral information systems
  • Minimum of two (2) years' experience with DoD Risk Management Framework
  • Experienced in the implementation of ICD 503, Joint SAP Implementation Guide (JSIG), DoDD 8500.01E, DoDI 8500.2, DoDD 8581.1, DoDI 8510.1, DoDD 8140.01, and the Federal Information Security Management Act
  • Experience in performing all tasks above
  • Must be certified IAW DoDD 8140.01 and DoD 8570.01-M standards
  • Current SAP/SAR or TS/SCI clearance
  • Computer science or similar degree
  • Current information security related certifications
5

Information Systems Security Engineer Resume Examples & Samples

  • Participates as a security engineering representative on engineering teams for the design
  • Performs system or network designs that encompass multiple enclaves; to include those with differing data protection/classification requirements
  • A current TS/SCI security clearance W/ Polygraph is required This position is located at Ft Meade; MD MDO
6

Principal Information Systems Security Engineer Resume Examples & Samples

  • Perform system or network designs that encompass multiple enclaves, to include those with differing data protection/classification requirements
  • Provide security planning, assessment, risk analysis, and risk management
  • Support the Government in the enforcement of the design and implementation of trusted relationships among external systems and architectures
  • Apply knowledge of IA policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments
  • Bachelor’s degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline from an accredited college or university;4 yrs of additional ISSE experience may be substituted for a bachelor’s degree
  • 20 years’ experience as an ISSE on programs and contracts of similar scope, type, and complexity; A Master’s degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline may be substituted for 2 years of experience, reducing the requirement to 18 years of experience
  • DoD 8570 compliance with IASAE Level 3 is required
  • Information Systems Security Engineering Professional (ISSEP) and CISSP Certifications are required. You may have up to 6 months to obtain the ISSEP certification
  • You must have an active TS/SCI with Polygraph clearance to start the program
7

Information Systems Security Engineer Resume Examples & Samples

  • Intermediate to Advanced knowledge and skill of producing a DIACAP package
  • Intermediate to advanced knowledge of RMF to ensure that managing information system-related security risks are consistent with the organization’s mission/business objectives and overall risk strategy
  • Able to document results of the security categorization in the security plan
  • Skills to utilize Enterprise Mission Assurance Support Services (eMASS) to document RMF
  • Information Assurance and RMF expertise to ensure Mission and Training systems are compliant with security regulations
  • Able to document changes to systems and checklists
  • Assist with developing and maintaining system policies and procedures for network security, virus protection, user accounts, maintenance and utilization
  • Able to communicate effectively with other system engineers, system administrators, software developers, and information assurance professionals as well as operational users and diverse mission planners
  • Experience in prioritizing, and executing multiple tasks and projects
  • The ideal candidate must be a motivated self-starter who works with minimum supervision while identifying potential system improvements and solutions
  • Knowledge of Assured Compliance Assessment Solution (ACAS)
  • Experience supporting a global Active Directory (AD) infrastructure in a mixed Windows and UNIX environment
  • Experienced administering Windows Server with knowledge of group policy development and implementation
  • Knowledge VMware and Virtualization of Windows Servers and Clients
  • Good verbal and written communications skills
  • Network +
  • Certified Systems Security Professional (CISSP)
  • VMWare
8

Information Systems Security Engineer Level Resume Examples & Samples

  • Validates and verifies system security requirements definitions and analysis and establishes system security design
  • Designs, develops, implements and/or integrates IA and security systems and system components including those for networking, computing and enclave environment to include those with multiple enclaves and with differing data protection/classification requirements
  • Builds IA into systems deployed to operation environments
  • Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions
  • Enforces the design and implementation of trusted relations among external systems and architecture
  • Assesses and mitigates system security threats/risk throughout the program life cycle
  • Reviews C&A documentation, providing feedback on completeness and compliance of its content
  • Applies system security engineering expertise in one or more of the following
  • Expertise in network technology and systems security engineering
  • Experience in identifying, researching, characterizing, and documenting security weaknesses related to operating systems, software applications, firmware, network hardware components, as well as network architecture design and documented policies and procedures
  • Experience developing and documenting system security requirements and conducting requirements gap analysis
  • Knowledge of, and practical experience with the NIST Special Publications 800 Series, CNSSI 1253, and DoD 8500
  • Experience with network technologies and the ability to demonstrate knowledge of network protocols, communications systems and architectures
  • Should have significant hands on experience implementing security and/or network components, i.e. routers, firewalls, IPS, IDS, etc
  • Ability to work independently within a schedule and with little direction
  • Confidence and ability to present briefing to senior level DoD officials in both prepared briefings and/or in ad hoc discussions
  • Experience and understanding of active cyber defense techniques, products and architectures
  • Experience or knowledge of cross domain device implementation
  • Experience with virtual desktop environments
  • Experience or knowledge of the Nuclear Command & Control (NC2) community
  • Working knowledge of MS Visio to include development of detailed network diagrams
9

Information Systems Security Engineer Resume Examples & Samples

  • Participates as the primary security engineering representative on engineering teams for the design, development, implementation, evaluation, and/or integration of secure networking, computing and enclave environments
  • Participates as the primary security engineering representative on engineering teams for the design, development, implementation, evaluation and/or integration of IA architectures, systems, or system components
  • Applies knowledge of IA policy, procedures and workforce structure to design, develop and implement secure networking, computing and enclave environments
  • Supports security planning, assessment, risk analysis and risk management
  • Performs system or network designs that encompass multiple enclaves, to include those with differing data protection/classification requirements
  • Provides security planning, assessment, risk analysis and risk management
  • Bachelor’s degree + 20 years or Master’s degree + 18 years. IASAE Level 3 (8570 compliance). CISSP and ISSEP certifications required
  • Advocate and recommend system level solutions to resolve security requirements
  • Monitors and suggests improvement to IA policy
  • Provide expertise guidance and work product evaluation to one or more security engineers that support Engineering teams for the design, development, implementation, evaluation and/or integration of secure networking, computing, and enclave environments
10

Principal Information Systems Security Engineer Resume Examples & Samples

  • Participate in architectural design development, system integration and installation configuration and testing for TS/SCI information Systems
  • Ability to manage time, make sound decisions, take action, analyze problems and provide focused security engineering solutions to implement Risk Management Framework (RMF) security controls mappings, and FISMA reporting
  • IAW risk assessments, Implement applicable patches including IAVAs, IAVBs
  • Provide leadership and direction to IA operations personnel
  • Work closely with ISSO and IAM for day-to-day operational support
  • Lead teams and/or support actions to quickly resolve or mitigate IA problems for the enclave environment
  • Implement response actions in reaction to security incidents
  • Develop security standards operating procedures and processes
  • Help to ensure technical security solutions leverage industry best practices
  • Evaluate and recommend new and emerging security products and technologies
  • Implementation and administration of security solutions
  • Must have strong analytical skills in addition to excellent communication and a solid understanding of Information Security business practices
  • Take part in the design and implementation of changes to the systems security components as needed
  • Perform system audits to assess security issues, mitigate findings, and report results
  • Diagnose and resolve IA problems in response to reported incidents
  • Bachelor’s degree in Computer Science, System Engineering, or related discipline from an accredited college or university is required. Minimum of 12 years of related experience with 6 additional years of ISSE experience
  • Must possess a Certified Information Systems Security Professional (CISSP) certification or related certifications
  • Security Engineering experience working with DIACAP, DCID 6/3, ICD-503, and/or NIST Risk Management Framework
  • Experienced with the Department of Defense (DoD), Defense Information Security Agency (DISA), DoDIIS, and IC applicable security scanning tools, and reporting requirements for C&A
  • Experience implementing security engineering practices in the System/Software Development Life Cycle (SDLC) Process
  • Experience in OS hardening, securing systems and networks, and conducting software assurance reviews IAW IC, DoD, and industry best practices
  • Extensive experience and education in information assurance, e.g., accreditation security testing and evaluation
  • Technical knowledge of the DoD, IC, and national level system security initiatives and Secure Information/Local Area Network (LAN)/Wide Area Network (WAN)/Cloud Technologies/Cross, Domain Solutions (CDSs) technologies
  • Experience in system/software design, development, integration, testing, system administration, O&M
  • Implementation of security controls, development of testing methodologies, and procedures for systems, cloud based architectures and Cross Domain Solutions (CDS)
  • Experience with Army programs
11

Information Systems Security Engineer Resume Examples & Samples

  • Demonstrated technical stature, including recognition as a subject matter expert of a cyber or security related technology
  • Understanding of Department of Defense acquisition process and research organizations
  • Strong communications skills – specifically, the ability to communicate effectively with peers, decision makers, and researchers
  • Strong analytical and organizational skills
  • Domain knowledge of cryptographic systems
  • Experience with research and development of cyber or cryptographic solutions
12

Information Systems Security Engineer Resume Examples & Samples

  • Knowledge of aircraft programs, the Risk Management Framework (RMF), the DITSCAP, DD 8500 (Information Assurance) series and Common Criteria are preferred
  • Demonstrated experience in conducting information system security engineering activities, refining information security requirements that are effectively integrated into information technology component products and information systems through purposeful security architecting, design, development, and configuration
  • Demonstrated experience in designing and developing organizational information systems or upgrading legacy systems, employing best practices when implementing security controls within an information system including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques
  • Demonstrated experience in coordinating security-related activities with information security architects, senior information security officers, system developers, information system owners, common control providers, and information system security officers
  • Demonstrate experience utilizing the Joint Special Access Program (SAP) Implementation Guide (JSIG) or DCID 6/3 and NISPOM application as related to the Risk Management Framework (RMF) process particularly as related to Assessment (aka, Security Control Assessment) and Authorization (previously C&A)
  • Ability to listen, understand and translate client requirements
  • Ability to effectively manage conflict, and affect adequate solutions
  • Strategic planning skills, organizational skills, operating skills, and strong leadership
  • Familiarity with software development and network operations concepts and methodologies
  • Knowledge of best practices and the use of project management and IT methodologies including PMI, ITIL, ISO 9000, and CMMI, and tools, easily transitioning from one methodology to the other
  • Ability to lead projects on varying scales, and work with technical teams on all levels and disciplines
  • An understanding of business processes and the ability to thoroughly understand the technology to address client’s requirements
  • At least five (5) years experience in system security Certification &Accreditation (C&A)
  • At least two (2) years experience in major defense acquisition programs
  • At least two (2) years experience in Vulnerability Assessment and/or Risk Analysis
  • At least three (3) years experience with Solaris 10
13

Senior Information Systems Security Engineer Resume Examples & Samples

  • Participate as a security engineering representative on engineering teams for the design, development, implementation and/or integration of IA architectures, systems, or system components
  • Interact with the customer and other project team members
  • 12-14 years’ experience as an ISSE with large multi-tiered programs
  • Bachelor’s degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline from an accredited college or university is required; 4 years of ISSE experience may be substituted for a bachelor’s degree
  • DoD 8570 compliance with IASAE Level 2 is required
  • CISSP Certification is required
  • Must have an active TS/SCI with Polygraph clearance to start the program
14

Information Systems Security Engineer T Resume Examples & Samples

  • Bachelor Degree in Engineering + 10 years relevant experience with aircraft systems integration
  • Must currently possess an active DoD Top Secret security clearance and the ability to qualify for access to SCI
  • Must be able to travel as required
  • Able to review applicable technical implementation guides, information assurance vulnerabilities advisors, etc, and determine implementation at the system level
  • Must be able to work any shift, weekends, and overtime as required
  • Experience with Microsoft Office applications such as: WORD, EXCEL, PowerPoint, and Outlook
  • Familiarity with ICD-503, NIST 800-53, and CNSS 1253
15

Information Systems Security Engineer Resume Examples & Samples

  • Design, develop, and implement security architectures, concepts, protocols and algorithms in hardware, programmable logic (FPGA, CPLD), firmware, and software
  • Identifies system and subsystem information security requirements, defines and integrates information security architectures into overall product technical architectures, and determines testing requirements and methodologies
  • Conducts analytical architecture trade studies and risk management activities related to the development of communications systems
  • Ensures documentation required for information security certification packages is complete and clearly supports verification of the system security requirements
  • Support system certification efforts for systems that are considered a major upgrade or utilize a new or leading edge technology
  • Supports NSA Type-1 certification
  • Supports FIPS certification
  • Provides design and accreditation support for products undergoing Risk Management Framework(RMF), ICD 503, DIACAP,NIACAP, and DCID 6/3 accreditation
  • Supports the entire product life cycle from proposal to ATO, and ensuring proper requirements are identified, derived, implemented, and met for system accreditation
  • Evaluates communications system technologies to ensure security designs incorporate commercial and defense best practices
  • Identifies status for accreditation process status reporting, participating in verification and validation (V&V) efforts
  • Conducts and oversees V&V testing as required
  • Monitors internal and external information sources to identify and track potential threats and recommend corrective design guidance
  • Authors and reviews systems and security engineering lifecycle documentation
  • Assists the system certifiers during security evaluations
  • Coordinates relevant security certification issues with program managers, to be flowed up to government program office and accreditor representatives
  • LI-MM1
  • IND
  • Required: 5+ years experience in Information Systems Security/Information Assurance/Cybersecurity
  • Preferred: 7+ years experience in Information Systems Security/Information Assurance/Cybersecurity
  • Experience with Risk Management Framework, ICD 503, DIACAP, DCID 6/3 accreditation processes, artifacts, and tools
  • Experience with NSA Type-1 certification
  • Experience with NSA approved cryptographic algorithms (i.e., Suite A/B)
  • Experience with FIPS certification
  • Experience working U.S. Government contract proposals as a cyber-security subject matter expert
  • Able to develop, assess and refine information security architectures across customer programs for broadly useful and cost-effective designs and process tools
  • Able to design and develop network security measures that provide confidentiality, integrity, availability, authentication and non-repudiation
16

Information Systems Security Engineer, Mid Resume Examples & Samples

  • Ability to demonstrate an excellent work ethic, initiative, and the willingness to learn
  • Experience with analyzing security risk assessment tool results, including SCAP, SRRs, and Nessus
  • Possession of excellent research and analytical skills
17

Information Systems Security Engineer Resume Examples & Samples

  • 3-5 years of experience as an ISSE on programs and contracts of similar scope, type, and complexity required
  • Background in secure coding, security analysis, systems engineering is desired
  • Knowledge of the various Cross Domain Solution (CDS) desired
  • DoD 8570 compliance with IASAE Level II is highly preferred
  • Highly desiredCISSP, CASP CE, or CSSLP certification
  • Systems Engineering: 2 years
  • Information Systems: 2 years
  • Information Security: 2 years
  • Software Development: 2 years
18

Information Systems Security Engineer, Senior Resume Examples & Samples

  • Supports the design, development, implementation, and/or integration of IA architectures, systems, or system components
  • Ensure that the architecture and design of information systems are functional and secure, including program of record systems, and special purpose environments with platform IT interconnectivity
  • Conducts system or network designs that encompass multiple enclaves, to include those with differing data protection/classification requirements
  • Applies IA policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments
  • Fourteen years of IA System Architect and Engineer (IASAE) experience, to include recent experience within the last five years, with Defense-in-Depth principles and technology, including access/control, authorization, identification and authentication, Public Key Infrastructure (PKI), network and enterprise security architecture
  • Two years of experience applying security risks assessment methodology to system development, including threat model development, vulnerability assessments, and resulting security risk analysis
  • Knowledge of Federal, NSA, IC, and DoD Information Security regulations, publications, and policy
  • DoD 8570 compliance with IASAE Level 3 requirements, CISSP-ISSAP or CISSP-ISSEP
19

Information Systems Security Engineer Resume Examples & Samples

  • Identifying Information Protection needs and define System Security Requirements; designing System Security Architecture; developing detailed Security Designs (including system security certifications and project evaluations)
  • Defense in Depth principles and technology including access/control, authorization, Identification and authentication, public key infrastructure, network, and enterprise security architecture
  • Developing security plans for employing enterprise-wide security architecture
  • Assessing and auditing network penetration testing antivirus planning assistance, risk analysis and incident response
  • Applying security risk assessment methodology to system development, including threat model development, vulnerability assessments, and resulting security risk analysis
  • Developing systems that process information with different classifications and categories that simultaneously permits access by users with different security clearances and denies access to users who lack authorization
  • Evaluating project needs, determining tasks and durations and allocating resources
  • Knowledge of design and implementation of trusted relationships among external agency systems and architectures
  • Implementation of cross domain solutions (e.g. an information assurance solution that provides the ability to manually and/or automatically access and/or transfer between two or more differing security domains)
  • Knowledge of Federal and DOD Information Security regulation, publications and policy
20

Information Systems Security Engineer Resume Examples & Samples

  • Identify overall security requirements for the proper handling of data, and assist architects and system developers in the identification and implementation of appropriate information security
  • Enforce the design and implementation of trusted relationships among external systems and architectures
  • Provide PMO interface to Certification and Accreditation (C&A) organization
  • Provide guidance to development and operational efforts regarding information assurance (IA) functions, particularly those focusing on strategic planning, infrastructure protection, and defensive strategy
  • Contribute to the security planning, assessment, risk analysis, risk management, certification, and awareness activities for systems and networking operations
  • Advocate and recommend corporate solutions to resolve security requirements
  • Interact with customers, IT staff, and high-level corporate officers to define and achieve required IA objectives for the organization
  • Contribute in building security architecture; coordinate the integration of legacy systems
  • Contribute to the acquisition/RDT&E environment and build IA into the system deployed to operational environments
  • Monitor and suggest improvements to policy
  • Review certification and accreditation documentation
  • System security design process
  • Defense-in-depth/breadth
  • Engineering life cycle
  • Information domains
  • Cross-domain solutions
  • Identification, authentication and authorization
  • System integration
  • DCID 6/3
  • Risk management & contingency planning
  • Intrusion detection & incident handling
  • Configuration control & change management
  • Auditing, Certification and Accreditation (C&A) process,
  • Principles of IA
  • Windows or Linux Systems administration experience
  • Experience with IBM Intrusion Detection Systems (IDS)
  • Updating IAVA databases
  • Experience with virtual networking (ESXI, VMware, VSphere), switches and firewalls, IP protocols
  • Experience with Puppet
21

Information Systems Security Engineer Resume Examples & Samples

  • Ensure systems meet the requirements of Director of Central Intelligence Directive (DCID) 6/3 for granting an Approval to Operate (ATO) from the Department of Homeland Security (DHS) Designated Approval Authority (DAA) for SI Systems
  • Manage and review all appropriate C&A documentation for the USCG SI systems
  • Experience with the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) and DoDI 8510.01 “Risk Management Framework (RMF) for DoD Information Technology (IT)”
  • Knowledge of DITSCAP/DIACAP, DoDI 8500.1, and DIARMF. Familiarity with NIST 800-53 and ICD 503
  • Experience operating in complex professional environments with a variety of internal and external stakeholders across multiple organizations
  • Experience working with PEO C4I, SPAWAR and NAVAIR
  • Excellent verbal, interpersonal, and written communication and presentation skills
  • Familiar with Retina and ACAS scanning tools and evaluating their results
  • Sound business ethics, including the protection ofproprietary, confidential and classified information
  • Proficient with MS Office Suite (Outlook, Word, Excel, PowerPoint, Project, and/or Access), Visio and AutoCad
  • Anticipated travel requirement: 10-25 percent
  • Bachelor of Science in Computer Science or Electrical engineering and five (5) years demonstrated in-depth experience and specialized knowledge in the C4I field
  • Utilize engineering principles and experience to prepare engineering drawings, technical basis's, engineering change notices, work requests, equipment specifications, purchase requisitions, engineering transmittals, etc. as necessary to accomplish assigned tasks
  • Be comfortable interfacing with military and civilian management, as well as project teams from various regions
  • Have the technical skills to design, develop, and maintain information, metrics, and reporting environments to support the goals and objectives of our clients
  • Have the ability to coordinate meetings and events to include building agendas and presentations based on knowledge of relevant topics, advance briefings to senior leadership, facility coordination and management, and post event reports
  • Be able to prepare clients and process stakeholders for events via advance briefings and communications in face-to-face settings as well as over video teleconferences
  • Develop the ability to interpret technical specifications and conduct meetings
  • Complete assignments in accordance with engineering procedures, practices and standards and good work and engineering practices
  • Be able to communicate with the Customer and understand their needs. Provide appropriate support
  • Have excellent oral and written communication skills with attention to detail and demonstrated QA experience
  • Must have a minimum of 10 years of verifiable civilian or military experience overseeing operational tests of shipboard equipment, preferably on USCG vessels
  • Must have experience as a USCG Port Engineer
  • Must have strong written, oral, and presentation/communication skills; must exercise diplomatic tact
  • Must have experience with MS Office Suite including MS Excel, PowerPoint, and Word
  • Must be willing to travel and be underway on a Coast Guard vessel between 5 and 10 days per month
  • Bachelor’s Degree in Industrial, Civil, Aeronautical, Ocean, Naval Architecture & Marine Engineering, Electrical or Mechanical Engineering
22

Hbss Information Systems Security Engineer Resume Examples & Samples

  • Provide reports using DoD established formats to include operational impact. Assist as required with a full analysis of incidents to the Customer Computer Incident Response Team Leader, Network Information Assurance Officer (NIAO)/ Network Security Officer (NSO) and Information Assurance - Program Management Office (IA-PMO)
  • Candidate will implement HBSS migration/compliance strategy. Troubleshoot HBSS product issues and outages. Administer ePO tree structure management. Administer policy catalog management. Provide SME level support for the HBSS application at HQ and outlying areas. Provide escalation support for the customer. Coordinate ASI details and planning as needed
  • Maintain system patches. Maintain O/S, SQL, and HBSS STIG compliance. Develop, test, monitor and work with HBSS Support Admins on internal TTPs/SOPs. Provide oversight and guidance to HBSS Support Admins. Resolve ePO server (O/S, ePO, or SQL) issues. Maintain the ePO server (automated tasks, task scheduler, database maintenance tasks, etc). Review of HBSS threat events. Refine server tasks and policies as needed (tagging, ASCI, tree structure, etc)
23

Information Systems Security Engineer Resume Examples & Samples

  • Provide Information Systems Security Engineering (ISSE) lifecycle support to the Government in accordance with the principals delineated in NIST Special Publication 800-27, Engineering Principles for Information Technology Security (A Baseline for Achieving Security), Revision A, the RMF, and other applicable directives
  • Assess potential risks, mitigation measures, residual risks, and provide a recommendation to the Government for approval or disapproval; research and advise the Chief Information Security Officer and other government staff on recently developed countermeasures designed to protect systems from new threats; and assist in the development, implementation, and administration of effective security programs for approval by the Government
  • Conduct risk assessments to determine the risk posed by the integration of new systems or capabilities into the IT environment in accordance with the principles of NIST Special Publication 800-27 Rev A, NIST Special Publication 800-37 and 39, and security best practices
  • Provide oversight to the end-to-end development of an IA system or system component (e.g., concept, requirements, design, development, implementation, and/or integration)
  • Recommend security architectures to the Government that promote cost-effective and efficient systems solutions consistent with program objectives and measures of performance
  • Recommend network security measures that provide confidentiality, integrity, availability, authentication, and non-repudiation
  • Analyze the IA/IT environment and provide technical evaluations in identifying IA-related vulnerabilities, threats, and risks
  • Coordinate program remediation plans for addressing vulnerability findings
  • Recommend reciprocity risk management principles that standardize security assessments
  • Recommend the appropriate level of remediation to security anomalies or integrity loopholes such as system weaknesses or vulnerabilities
  • Assist the Government in ensuring the rigorous application of IA control implementation, principles, and practices in the delivery of agency IT systems guided by IC or DoD security policies
  • Evaluate engineering change request proposals that require additional system requirements and/or possible change to system architecture and provide updated security impacts that affect the system
  • Utilize common IA controls where possible
  • Collaborate and work with other subject matter experts on developing authorization packages in support of achieving Authority to Operate within required timelines
  • Assess and guide the implementation of identified corrections associated with technical vulnerabilities
  • Provide guidance on the maintenance of security configuration control of hardware, systems, and application software where needed
  • Collaborate with appropriate Cross Domain Service representatives to ensure proper authorization and alignment with agency processes
  • Participate in IA Engineering Working Groups, ISSE forums, Integrated Product Teams (IPT s), and provide IA guidance
  • Assist with inter-service agency ISSE agreements
  • Communicate and collaborate with program leads and technical SMEs in support of acquisition program milestones or projects
  • Support meetings and reviews (e.g., acquisition, program, readiness activities, Communications Security requirements review) as required by the Government
  • Maintain current documentation of ISSE processes and procedures
  • Information Technology Virtualization
  • Cloud IA Technologies
  • Public Key Infrastructure
  • Network and Host-Based Intrusion Detection and Prevention Systems
  • Cyber mission Computer Network Defense of space assets
  • Cyber Defense Techniques
24

Associate Information Systems Security Engineer Resume Examples & Samples

  • Bachelors degree in CS, CE, or EE is required, Masters preferred
  • Prior security experience is preferred, but not required
  • Desired certifications for DoD 8570.1 IASAE Level I,II, or III: CISSP, CISSP-ISSEP, CISSP-ISSAP
  • Additional desired certifications in CISA, CISM, CEH, or CPT
  • Direct experience with Risk Management Framework, ICD 503, DIACAP, DCID 6/3 accreditation processes, artifacts, and tools
  • US Gov’t Clearance: Active TS/SCI clearance preferred; if not, must have the ability to obtain and maintain TS/SCI clearance
  • Travel: Ability to travel up to 25% is required
  • A self-starter capable of working independently in a task/project structure, with the ability to assign, track, and execute tasks across multiple programs
  • An effective oral and written communicator and negotiator, able to highlight the significance and impact of information security issues in non-technical terms and negotiate appropriate cost-effective resolutions
  • Experience with IA vulnerability testing and related network and system test tools; e.g., Retina, NMap, Nessus, WASSP, SECSCN, Security Content Automation Protocol (SCAP)
  • Experience working U.S. Government contract proposals as a cyber-security subject matter expert must meet eligibility requirements for access to classified information
25

Information Systems Security Engineer / Isse Resume Examples & Samples

  • Execute day to day FISMA operations (including DHS Information Security Performance Plan) and CDM program activities
  • Research major obstacles related to the DHS ever-changing FISMA requirements
  • Provide recommendations on security controls, implementation, support and monitoring, and configuring of TSA's systems
  • Perform duties in close coordination with the ISSM and ISSO's in conducting information system security engineering activities to support TSA’s Systems Owners and other stakeholders
  • Participate in the RMF process as lead technical subject matter expert on cyber/systems security matters
  • Assist in developing systems IA security strategies to mitigate security concerns
  • Assist the ISSM & ISSO with preparation and maintenance of security plans, standard operating procedures and other system security documentation
  • Review security plan for security adequacy and resiliency
  • Ensure mitigation strategies are developed to remediate systems security vulnerabilities
  • Employ best practices and lessons learned when implementing security including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques
  • Compliance Analyst -Systems Analysis Focused
  • Execute day to day FISMA operations and CDM program activities
26

Information Systems Security Engineer Resume Examples & Samples

  • Offer is contingent on availability of funding
  • Personnel may be required to carry a corporate/government issued cell phone and be available for remote or onsite support
  • Obtaining and maintaining the required background investigation and/or clearance with assigned Department or Agency is required
  • 8-10 years Cyber security experience 2-3 years' experience in Assessment and Authorization in accordance with NIST SP 800-53, 800-53A, and 800-37
  • Prefer 2+ year experience in leading security assessments Federal Civil Agency experience
  • Must be able to obtain a Public Trust Level clearance
  • Minimum Security+ Certification, CISSP or Equivalent
  • Preferred Knowledgeable in NIST Risk Management Framework, NIST 800-53 Rev 4 controls, Vulnerability assessment tools, Continuous Monitoring Tools and processes
27

Information Systems Security Engineer Resume Examples & Samples

  • Conduct assessments of existing IT architecture for compliance with security requirements from applicable security frameworks (such as DSCID 6/3, ICD 503, etc
  • Provide input to IA A&A process activities and related documentation such as systems concept of operations, system security design, implementation plans, operational procedures, and maintenance training materials
  • Provide engineering support and assistance to authorization/accreditation test and evaluation activities
  • Evaluate proposed security architectures and designs and provide input as to the adequacy of those security designs to meet required security compliance objectives
  • Develop and maintain processes and procedures to identify, track and mitigate customer system vulnerabilities
  • Bachelor’s degree in Computer Science or other technology related degree
  • Experience completing or managing to completion projects/tasks/deliverables with minimal supervisory oversight
  • Advanced understanding of IT operations techniques
  • Advanced problem solving skills: able to use prior experience and knowledge to address new situations; especially during interactions with clients
  • Advanced analytical skills: able to use prior experience and knowledge to seamlessly incorporate new knowledge or information during client interactions
  • Experience with using NESSUS and other scanning applications
  • Information Systems Security Engineering Professional (ISSEP)
  • DOD Information Technology Security Certification and Accreditation Process (DITSCAP)
  • DOD Information Assurance Certification and Accreditation Process (DIACAP)
28

Information Systems Security Engineer Resume Examples & Samples

  • Work with development team to ensure the hardware and software architecture meets the security requirements for processing classified information
  • Work with development and integration teams to ensure that the hardware and software implementation meets the security requirements for processing classified information
  • Work with development team to provide security requirements for new capabilities being developed
  • Assist with preparation and maintenance of documentation
  • Propose, coordinate, implement, and enforce information systems security policies, standards, and methodologies
  • Evaluate the impact of new development on the operational security posture of the system
  • Develop and maintain documentation for C&A in accordance with ODNI and DoD policies
  • Develop and update the system security plan and other IA documentation
  • Evaluate the security of systems using various tools such as Nessus and Kali
  • Provide CM for security-relevant information system software, hardware, and firmware
  • Bachelor’s degree in Computer Science or related discipline from an accredited college or university
  • At least 12-15 years of experience as an Information Systems Security Engineer
  • DoD 8570 compliance with IAT Level III or higher required
  • Past or current experience working as an ISSE on a government contract
29

Information Systems Security Engineer Resume Examples & Samples

  • Seven (7) years’ experience as an ISSE on programs and contracts of similar scope, type, and complexity within the Federal Government required
  • Bachelor’s degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline from an accredited college or university is required
  • Four (4) years of additional ISSE experience may be substituted for a bachelor’s degree
30

Information Systems Security Engineer Resume Examples & Samples

  • A Bachelor of Science degree or higher in Computer Science, Engineering or IT related field
  • Must have a minimum of 5 years related experience in defining and reviewing system security requirements for complex IT-based systems. You should also have experience and the ability to design and assess system security architectures and provide recommendations throughout the system development lifecycle
  • Must have prior experience supporting C&A activities, including the preparation and maintenance of information security certification and accreditation documentation, such as Systems Security Plans, System Characterization Documents, and Plan of Actions and Milestones
  • Must have familiarity and experience applying applicable National Institute of Science and Technology (NIST) requirements and standards
  • Must be able to pass a background investigation for a position of Public Trust
31

Information Systems Security Engineer Resume Examples & Samples

  • Support the development and implementation of policies, standards and guidelines related to information security and compliance
  • Manage the implementation and maintenance of key security technologies and processes including identity and access management, vulnerability assessment and penetration testing of software and hardware, configuration management and change detection, and security event management
  • Evaluate changes to the processing environment for security impact and present findings to management
32

Information Systems Security Engineer, Senior Resume Examples & Samples

  • Clearance: TS/SCI w/ FS Poly
  • Certification: DoD 8570 compliance with IASAE Level 3 requirements, CISSP-ISSAP or CISSP-ISSEP
  • A Master’s Degree in Computer Science or IT Engineering is desired and may be substituted for six years of experience
  • Membership (or equivalent recognition) on an external technical society committee/board
  • Working at a computer or desk (Considerations: Sitting, Eyes, Hands)
  • May involve long periods of sitting
33

Information Systems Security Engineer, Junior Resume Examples & Samples

  • 1+ years of experience with Cybersecurity, information assurance, or security practices
  • Knowledge of RMF, ICD 503, NIST 800–53, or NIST 800–82 documentation for system accreditations
  • Ability to demonstrate an excellent work ethic, initiative, and willingness to learn
  • Ability to be flexible with travel and job assignments
  • Ability to travel up to 50% of the time required
  • BA or BS degree required
  • Experience with evaluating security vulnerabilities and developing mitigation strategies for industrial control systems
  • Knowledge of ICD 503, ISO 27001, and IEC 62443 policies
  • BA or BS degree in Information Security, IT, or a related field
34

Information Systems Security Engineer Resume Examples & Samples

  • Develop and maintain secure baselines for systems and applications
  • Assist in the administration and maintenance of security appliances, systems and applications used within the Organization’s infrastructure
  • Engage in continuous tool improvement, process improvement and quality control and documentation activities to further enhance the Organization’s security posture
  • Assist in reviewing system-related security planning throughout the network
  • Review and analyze security logs, monitoring logs, firewall logs, IDS/IPS logs, as well as network and core related logs
  • Participate in assigned on-call and incident response activities as part of the incident response team
  • Investigate incidents through packet captures, reports, data visualization, and pattern analysis
  • Perform data analysis, aggregation, event correlation and information security threat detection
  • Assist in management of employee permissions and security within the Active Directory environment
  • Participate in ongoing maintenance, testing, and governance of business continuity and disaster recovery plans
  • Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Organizational security policy and enterprise solutions
  • Stay current on security trends and industry best practices; provide input and recommendations based on research
  • Candidate must be able to respond to after-hours requests as required in a 24x7 environment
  • Perform other related duties as assigned in accordance with qualifications
  • Ability to work independently, as well as a member of a team
35

Information Systems Security Engineer Principal Resume Examples & Samples

  • 9 years of relevant experience and a bachelor's degree
  • Customer-service and goal oriented
  • Government contracting or acquisition experience and ability to clearly define requirements
  • 10-15 years experience with DOD/IC Acquisition processes
  • Familiarity with the National Geospatial-Intelligence Agency and the functional area of geospatial intelligence (GEOINT)
  • Trained and experienced with using the XACTA Information Assurance web application
  • Familiarity with NGA Continuity of Operations processes; experience with writing Information Technology Disaster Recovery (ITDR) plans, Business Continuity Plans, and modifying and documenting Essential Functions
  • Familiarity with NGA dissemination and storage systems, to include IDS-D, NGL, IPL, WARP, etc
  • Ability to work in a dynamic work environment and being able to respond to short deadlines
  • Bachelor’s degree in engineering, finance or related field
  • 15-20 years experience with DOD/IC Acquisition processes
  • Familiarity with the National Geospatial- Intelligence Agency and the functional area of Geospatial intelligence (GEOINT)
36

Information Systems Security Engineer Senior Resume Examples & Samples

  • Demonstrated understanding of Certification and Accreditation processes
  • Proficiency with Microsoft Office Suite applications (Excel, Word, PowerPoint)
  • Bachelor’s degree in Business Administration, Management, Finance, Engineering or other related fields
  • 6-10 years experience with DOD/IC Acquisition processes
  • Familiarity with Services Oriented Architecture (SOA)
  • Master's degree with 4 years experience in IC community
37

Information Systems Security Engineer Resume Examples & Samples

  • Bachelor’s degree in a technical or engineering field
  • Fourteen (14) years of total experience, with at least 5 of those years in in-depth technical network engineering, virtual private networks and/or cloud services
  • Experience with MPLS, BGP and load balancing
  • Experience with Splunk, and/or other log management and security testing tools
  • Experience with VDI services such as Citrix
  • Focus on communications and networking needs between Cloud and data center, and Cloud and Internet (VPN) users
  • Work to ensure security controls are implemented by developers into newly created apps and services
  • Assist in testing for security vulnerability and weaknesses in newly created applications
  • Work within a Sprint to ensure features include security features and meet directives
  • Work within a Sprint to guild the teams on how to best include security features
  • Act as a bridge between developers and security personnel, by being able to understand and interface in both areas
  • Agile/SAFe
  • Cloud (AWS, AWS GovCloud, Azure, etc.)
  • IT Security, (CISP, CEH, Security+, etc.)
  • Mobile
  • DevOps
  • Organizational Skills: Proven ability to plan and prioritize work, both their own and within a project team. Follows tasks to their logical conclusion and makes sure that everything has been done to the right standard. Good attention to detail
  • Team Work: Comfortable working both individually and as part of a team. Prepared to challenge ideas within a group in a constructive way. Ability to influence others and move a team toward a common vision or goal
  • Communications: Ability to communicate clearly and efficiently to team members and clients, verbally and in writing. Able to present ideas in a variety of ways depending upon audience and context. Excellent active listening skills
  • Problem Solving: Natural inclination for planning strategy and tactics. Ability to analyze problems and determine root cause, generating alternatives, evaluating and selecting alternatives and implementing solutions
  • Results oriented: Able to drive things forward regardless of personal interest in the task
  • Leadership: Acute business acumen and understanding of organizational issues and challenges. Able to work effectively at all levels in an organization
38

Information Systems Security Engineer Resume Examples & Samples

  • Typically requires Bachelor’s degree in Computer Science, IT Information Security, or a related discipline and 12 to 15 years of experience
  • Expertise in the areas of vulnerability and risk management
  • Working knowledge of IT security assessment and network vulnerability tools
  • Experience with large scale enterprise IT contracts
  • Experience working with IT customers within the Department of Defense
39

Information Systems Security Engineer, Senior Resume Examples & Samples

  • 3+ years of experience with Cybersecurity, information assurance, or security practices
  • Experience with conducting vulnerability security scans
  • Knowledge of RMF, ICD 503, NIST 800-53, ISO 27001, IEC 62443, or NIST 800-82 documentation for system accreditations
  • BA or BS degree completed or completed by fall of 2018
40

Information Systems Security Engineer Resume Examples & Samples

  • Develop and/or review security views and viewpoints of the system architecture and design
  • Identify, quantify, and evaluate the costs/benefits of security functions and considerations to inform analysis of alternatives, engineering trade-offs, and risk treatment decisions
  • 3+ years of system engineering and/or system security engineering experience
  • Proficiency in system security engineering principles and methods
  • High School Diploma required / Bachelors’ Degree preferred. Must currently hold an approved DoDI 8570.01 certification. CISSP preferred. CISSP-ISSEP highly-desired
41

Information Systems Security Engineer Resume Examples & Samples

  • Information assurance (IA) baseline certification and operating system (OS) / computing environment (CE) certificate for an Information Assurance Workforce System Architect Engineer (IASAE) Level II as outlined in Department of Defense (DoD) Information Assurance Workforce Improvement Program 8570-01M
  • An active TS/SCI clearance with a Counter-Intelligence (CI) polygraph is required
  • A valid passport (or the ability to obtain one
  • Domestic (CONUS) and international (OCONUS) travel (<25%) required for this position
  • Must have at least 9 years relative experience
  • OS/CE certificate for Windows, Windows Server, and / or Unix highly desired
  • The International Information System Security Certification Consortium (ISC)2 Certified Information System Security Professional (CISSP) desired
  • The preferred candidate would have the ISC2 CISSP – Information Systems Security Engineering Professional (CISSP-ISSEP) certification
42

Information Systems Security Engineer SME Resume Examples & Samples

  • At least six years of experience across a broad range of cybersecurity management, operational, and/or technical activities. Ideal candidates will have been involved in major IT Security projects, including but not limited to: security architecture, design, think tanks, red teams, etc
  • Experience with CSAM, or other toolsets for managing security requirements/artifacts, vulnerability scanning, and NIST security guidance (SP 800 documents, such the NIST SP 800-53, Rev 4)
  • Four years of experience in National Institute of Standards (NIST) cybersecurity standards and best practices
  • One industry-recognized cybersecurity certification, such as: Certified Information Systems Security Professional (CISSP), Certification Information System Auditor (CISA), GIAC Certified Incident Handler (GCIH), Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), Offensive Security Web Expert (OSWE), Certified Ethical Hacker (CEH), or similar Certification and Authorization Professional (CAP)
  • Bachelor’s degree in Computer Science or related field
43

Information Systems Security Engineer Resume Examples & Samples

  • Serve as the lead ISSE for the customer and their components
  • Develop, implement and enforce Special Operations Forces regional or command unique IA policies and comply with ITMO established IA requirements for units connecting to the SIE
  • Develop the Information Assurance Vulnerability Assessment (IAVA) schedule, perform scanning and documentation of results
  • You should speak well in front of an audience and have the ability to present Information Assurance Briefs to high ranking personnel and incoming personnel in a clear, concise but comprehensive manner
  • Responsible for conducting training for all Security Engineers to include but not limited to RCERT training to conduct IAVAs
  • Perform the duties listed in Section 5.9, DoD I 8500.2
  • Be able to maintain a Top Secret Clearance
  • Bachelor's Degree or 5-7 years' of experience in Information Systems Security/Information Assurance
  • CISM or GSLC preferred
44

Information Systems Security Engineer Resume Examples & Samples

  • Validates and verifies system security requirements definitions and analysis and establishes system security designs
  • Designs, develops, implements and/or integrates IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements
  • Builds IA into systems deployed to operational environments
  • Supports the building of security architectures
  • Enforce the design and implementation of trusted relations among external systems and architectures
  • Assesses and mitigates system security threats/risks throughout the program life cycle
  • Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations
  • Reviews certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content
45

Information Systems Security Engineer Resume Examples & Samples

  • Bachelor’s Degree in a technical discipline with a minimum of 2 years related technical experience required for the level 2 role
  • Bachelor’s Degree in a technical discipline with a minimum of 5 years related technical experience required for the level 3 role
  • Active Top Secret Security Clearance is required
  • Practical experience in network forensics or a related field
  • Experience with encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research
46

Information Systems Security Engineer Resume Examples & Samples

  • ISSEs are to be certified in (ISC), CISSP and at least two of the following during the life of the Contract: SANS GSLC, or ISACA CISM
  • It is highly desirable that ISSEs have at least a Bachelor’s Degree in Computer Science, Computer Engineering, Information Technology or an equivalent Scientific Field
  • ISSEs shall also have a minimum of 10 years of Information Assurance related experience
  • ISSE’s must have knowledge of cybersecurity principles and new/current technologies (virtualization, cloud security, mobile security, etc.)
  • ISSE’s should be knowledgeable with NIST and CNSS publications and directives
  • Additional certification in two of the following recommended: CompTia Cloud Essentials, Cloud Certified Professional, Cloud Certified Technology Professional, Cloud Certified Architect, (ISC)2. Certified Cloud Security Professional (CCSP), and VMware Certification
  • Must have knowledge of risk management process (i.e. methods for assess and mitigating risk)
  • ISSEs should have strong knowledge of computer networking concepts and protocols, and network security methodologies
47

Information Systems Security Engineer Resume Examples & Samples

  • Top Secret government clearance; must be eligible to obtain SCI/CI (which includes a FBI Counter-Intelligence polygraph)
  • Current technical or business knowledge of Information Assurance and Certification & Accreditation requirements and practices in the FBI
  • Strong understanding of adjacent technologies relating to Information Assurance, i.e. Networking Fundamentals, Security Hardening Mechanisms, Security
  • Vulnerability Assessment Testing, NIST 800-53 Security Controls and their Assessments, System Development Life Cycle (SDLC), and IT Governance
  • Experienced in people management, project management processes, and Information Assurance tools
  • Strong communication, interpersonal and managerial skills
  • Understanding of immediate customer’s needs
48

Information Systems Security Engineer Resume Examples & Samples

  • Recommend system-level solutions to resolve security requirements
  • Fourteen (14) years of experience as an ISSE on programs and contracts of similar scope, type, and complexity are required
  • Bachelor's Degree in Computer Science, Information Assurance, Information Security System Engineering, or related disciplines (Four (4) years of ISSE experience may be substituted for a Bachelor’s degree.)
  • Certifications: DoD 8570 compliance with IASAE Level 2 is required (CISSP or CASP)
49

Journeyman Information Systems Security Engineer Resume Examples & Samples

  • Providing feedback to design engineers and evaluates end-to-end systems and systems-oriented products through their entire life cycles
  • Ensure products and systems comply with requirements and government information assurance and cyber security standards and practices through formal verification methods
  • Verifies/validates systems with specific emphasis on network operations and cyber warfare tactics, techniques, and procedures focused on the threat to information networks
  • Assesses performance using evaluation criteria and technical performance measure
  • Prepares assessments and cyber threats profiles of current and planned products based on sophisticated testing, research, and analysis
  • Produces high-quality papers, presentation, recommendations, and finding for senior US government intelligence and operations officials
  • Customer service and support and a working knowledge of IT security concepts and best practices
50

Senior Information Systems Security Engineer Resume Examples & Samples

  • Conducts research and evaluates technical performance of software products and overall segments and systems
  • Participates in design reviews of components (hardware and software) to ensure applicability to the currents system and traceability of requirements
  • Develops and maintains analytical procedures to meet changing requirements
  • Experience in Information Systems Security in either or both physical and virtualized environments
51

Senior Information Systems Security Engineer Resume Examples & Samples

  • 2FA
  • 4 years or more of experience completing security duties as outlined in Position Duties and Responsibilities
  • 2 years or more of experience implementing and applying NIST requirements such as NIST 800-53 (Security and Privacy Controls), NIST 800-53A (Assessing Security Controls), NIST 800-37 (Risk Management Framework) and NIST 800-34 (Contingency Planning)
  • 2 years or more of with experience with reviewing Intrusion Detection reports incident response and computer forensic experience
  • 1 year or more of experience with Change Management process in a datacenter environment
  • A Bachelor's degree from an accredited college and/or university (Information Technology) or equivalent experience, Master’s degree preferred
  • Possess at least one of the following certifications: CISSP, CCNA, CEH, CISM, CISA
52

Information Systems Security Engineer Resume Examples & Samples

  • Perform or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies
  • Validate and verify system security requirements definitions and analysis and establishes system security designs
  • Design, develop, implement and integrate IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements. Build IA into systems deployed to operational environments
  • Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application security policy and enterprise solutions
  • Support the building of security architectures
  • Contribute to the security planning, assessment, risk analysis, risk management, certification, and awareness activities for system and networking operations
  • Review Certification and Accreditation (C&A) documentation, providing feedback on completeness and compliance of its content
  • Apply system security engineering expertise in one or more of the following: system security design process; engineering life cycle; information domain; cross-domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (e.g., confidentiality, integrity, non-repudiation, availability, and access control); and security testing
  • Supportssecurity authorization activities in compliance with Information System Certification and Accreditation Process and DoD Information Assurance Certification and Accreditation Process process, the Risk Management Framework (RMF) process, and prescribed business processes for security engineering
  • Participate as a security engineering representative on engineering teams for the design, development, implementation and/or integration of secure networking, computing, and enclave environments
  • Participate as a security engineering representative on engineering teams for the design, development, implementation, and integration of IA architectures, systems, or system components
  • Participate as the primary security engineering representative on engineering teams for the design, development, implementation, evaluation, and/or integration of secure networking, computing, and enclave environments
  • Participate as the primary security engineering representative on engineering teams for the design, development, implementation, evaluation, and/or integration of IA architectures, systems, or system components
  • Support security planning, assessment, risk analysis, and risk management
  • Identify overall security requirements for the proper handling of Government data
  • Zero (0) to Seven (7) years of experience as an ISSE in programs and contracts of similar scope, type, and complexity for Government or Industry customers
  • TS/SCI w/polygraph
53

Information Systems Security Engineer Resume Examples & Samples

  • 5-7 years Government Compliance experience (Application Security)
  • DoD RMF
  • ICD-503
  • NIST Risk Management Framework (RMF)
  • Understanding of FISMA process
  • Experience with a formal Software Development Life Cycle (SDLC) process and configuration management tools
  • Desired Experience-
  • 3-4 of the 5 years in JAVA programming required and the remainder in C, C++, or Perl
  • Experience developing in an Oracle SOLARIS 10/11 or Red Hat Enterprise LINUX (RHEL) 6.x environment. RHEL is preferred
  • Unix system administration and shell scripting experience is also preferred
  • Experience developing software to format, generate, transform, parse, and process XML based data
  • Human Computer Interface Design (HCID) experience is preferred as well
  • Experience in OpenOffice or Libre Office integration or development preferred
54

Information Systems Security Engineer Resume Examples & Samples

  • 8+ years of related experience and a Top Secret Clearance
  • Applicable certifications may substitute for work experience and education
  • Must possess advanced knowledge of government information security requirements (DCID 6/3 and NISPOM) and technical experience with Windows and Linux operation system environments
  • Practical/working knowledge of system functions, security policies, technical security safeguards and operation security measures
  • Must be able to learn new skills quickly, demonstrate excellent problem solving skills, detail-oriented, flexible, and self-motivated
55

Senior Information Systems Security Engineer Resume Examples & Samples

  • Defines, plans, designs, and evaluates information security systems and architecture
  • Performs requirements analysis, design, and integration for complex software applications and collaboration infrastructures
  • Writes implementation and design documents describing how security features are implemented
  • Serves as the lead technical subject matter (SME) on cyber/systems security matters
  • Employs best practices and lessons learned when implementing security including software engineering methodologies, system/security engineering principles, secure design, and secure architecture
  • Provides system security engineering support in designing and integrating automated information systems auditing capabilities
  • Conduct certification testing and reporting in accordance with the Risk Management Framework (RMF) and NIST 800-53; identifies deficiencies (POA&M) and provides recommendations for solutions
  • Implements a strategy for continuous monitoring for assigned systems including: Establishing system audit trails and ensuring their review, reporting all identified security findings and initiating the periodic review of security controls
  • Ensure that ISs are operated, maintained, and disposed of in accordance with approved security policies and practices
  • Develops, implements, and enforces information systems security policies
  • Ensures that system security requirements are addressed during all phases of the IS lifecycle
  • Ensures implementation of a Configuration Management Plan (CMP) for software, hardware, and firmware is documented and maintained, and serve as a member of the Configuration Management Board, with Information System Security Manager (ISSM) and System Owner concurrence
  • Author or coordinate the development of System Security Plans (SSP) and other required system plans, e.g., Configuration Management Plan (CMP), Contingency Plan (CP), Continuity of Operations (COOP) and Disaster Recovery Plan (DRP) (as required) , and Incident Response Plan (IRP)
  • Support risk assessment and evaluation activities throughout the Security Assessment and Authorization (SAA) process
  • Ensure compliance with annual Federal Information Security Management Act (FISMA) deliverables and reporting, if required for assigned ISs
  • Serves as a resource for users concerning all security questions regarding assigned systems and applications
  • Ensure that all users have the requisite security clearances, authorization, and need-to know before granting access to the IS, and administer/witness signing of user agreements and or Rules of Behavior
  • Research and maintains knowledge of Information Assurance (IA) policies and practices, seeking clarification from the ISSM or higher authority when needed, and disseminates these to users
  • Requires expert technical knowledge in security engineering and IT systems engineering
  • Must possess excellent analytical skills and be capable of quantifying risk to enterprise systems and level of compliance with security policy
  • Experience with modern Windows, UNIX, network operating systems, databases, and virtual computing
  • Strong IT system and application engineering background with experience in cloud computing, Windows desktop and server, Active Directory Group Policy, SQL, networking, and auditing
  • Experience with certification testing, Risk Management Framework (RMF), information assurance tools, DoD STIG, and vulnerability assessment
  • CISSP is required. Candidates that do not current have a CISSP must be able to qualify and pass the certification within 6-9 months of hire
  • SPLUNK experience highly desired
  • Knowledge of information security engineering, design concepts and principles
  • Knowledgable with Systems Development Lifecycle (SDLC) methodologies and continuous monitoring activities
  • Extensive experience analyzing information technology and system risk in complex environments and articulating results (verbal/reports) to all levels of management
  • Demonstrated experience conducting information system security controls assessments (SCAs) and appling standard auditing techniques during system security controls assessments, including the proper interpretation of the control requirements, determining if the artifacts provided are sufficient, and recommending remedial actions to the customer to ensure compliance
  • Demonstated experience writing information system security documentation (SSPs, POA&Ms, PTAs, PIAs, CMPs, CPs and IRPs)
  • Extensive knowledge and experience with information security standards, policies and practices - NIST (800-53 rev4), FISCAM , FISMA, DOD, DCID, FBI, etc
  • Ability to research and address information security issues as required, being an authority on the subject
  • Must be a team player with "can do" attitude. Must be able to work independently with initiative and innovation
  • Well versed with using vulnerability assessment tools (NESSUS, AppDetective, etc.) and analyzing the results generated from these assessments
  • Proven ability to multi-task and deliver on-time with the highest quality
  • Exceptional interpersonal, verbal, and written communication skills, with the ability to collaborate well across teams and organizations, including interactions with senior-level executives. Candidates must be fluent in the English language
56

Special Access Programs Information Systems Security Engineer Resume Examples & Samples

  • 8+ years of experience with information security or information assurance experience in the DoD
  • 5 years of experience in gaining system ATO with DoD authorizing officials, including ICD 503 system accreditation
  • 3+ years of experience with enterprise architecture development and implementation and reviewing security architecture artifacts, including operational views, systems views, or capability views
  • DoD 8570 Compliance IAT Level III Certification including CASP, CISA, CISSP, GCED, or GCIH within 6 months of hire
  • Experience with Special Access Programs (SAPs)
  • Experience with information system accreditation in the IC
  • Experience with the DoD Architecture Framework (DoDAF)
  • Experience with DoD STIGs or national agency capability packages
  • Experience with reviewing and translating complex network implementations into uniform architectural depictions for leadership
  • Knowledge of Windows Enterprise AD architecture and VMWare virtualization
  • Knowledge of the proper implementation of the following capabilities within a network architecture: firewalls, intrusion prevention or detection systems, Web content filters, cross–domain solutions, packet capture, anomalous network behavior detection, security information event management, data loss prevention, session border controller, DMZ, and application whitelisting
  • MA or MS degree in CS, Information Systems, Software Engineering, or related analytical, scientific, or technical fields
57

Information Systems Security Engineer Resume Examples & Samples

  • Develop, implement, and enforce IA policies and procedures
  • Perform requirements analysis and system/network security design
  • Design and develop IA or IA-enabled products, interface specifications, and approaches to secure the environment as necessary
  • Assess threats to the environment and provide input on adequacy of security designs/architectures
  • Manage, monitor, and review security audit and intrusion detection system logs for attacks and anomalies
  • Conduct periodic vulnerability assessments of system/sub-system components
  • Develop and maintain a plan of actions to resolve all accepted risks upon completion of system DFARS assessments
  • Collaborate with Engineering Team on aspects of solution design and development
  • Support test events and work closely with development team to resolve issues
  • Develop security test procedures for project-related solutions
  • Conduct response to security incidents
  • Experience working with software and network teams to produce secure computing solutions
  • Knowledge of security and Information Assurance principles, concepts, and best practices
  • Experience supporting Intelligence Community and/or DoD organizations
  • Experience working with web, application, and network security techniques
  • Experience working with relevant OS (Windows, Linux) security hardening techniques
  • Experience working with PKI for user access and authorization
  • Knowledge of network and application monitoring tools
  • High-degree of analytical and critical thinking skills
  • Ability to successfully work independently on complex tasks
58

Information Systems Security Engineer Resume Examples & Samples

  • Build and enhance IAM solutions that integrate applications and other enterprise and security services with IAMS services
  • Align IAMS processes with business processes and identify required governance and policy needs, specifically in the areas of identity administration, provisioning, access governance, privileged access management, certification, and multifactor authentication
  • Provide Level 2 and Level 3 technical support and operation of IAMS environments
  • Integrate new and existing policies and technical controls for user authentication and Single Sign-On (SSO) for enterprise and native mobile applications
  • Develop all technical requirements for policies, procedures, and standards for provisioning new user accounts and resolving permission-related issues
  • Ensure IAMS services perform according to defined procedures/standards and ensure SLAs are met
  • Provide oversight and support of all IAMS lifecycle activities, including provisioning, de-provisioning, and periodic recertification activities and processes
  • Guide and perform access data cleanup; implement and oversee effective access data maintenance practices and account certification
  • 15+ years demonstrated experience with Information Security; modern Identity & Access Management concepts and best practices required; and formulating strategies, alternatives and recommendations in information security management
  • Expertise with the following technologies: Java Programming; Powershell; LDAP directories; Scripting SQL queries; Web-centric data types (JSON, XML, and/or SOAP)
  • Programming at least one major Microsoft enterprise platform (Windows, Exchange, SharePoint, Lync) is highly desired
  • Direct experience with Dell Hardware
  • Citrix XenDesktop 7
  • Hand-on experience building and maintaining Window 2012 R2 Hyper-V Environments
  • Experience in a large, geographically dispersed VDI environment
59

Information Systems Security Engineer Resume Examples & Samples

  • Bachelor's degree in Computer Science, Engineering, or related field
  • A minimum of five years of Information Assurance experience
  • Must have experience with DISA mandated security tools to include Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS)
  • Ability to apply knowledge of information security methodologies to the Systems Development Life Cycle SDLC
  • Knowledge of NIST SP800-53 security controls and how they apply to the DoD implementation of the Risk Management Framework
  • Expertise in the Information Assurance Vulnerability Alerts (IAVAs) compliance process
  • Security+ or other DoD 8570.01-M IAM Level I certification required
  • Must hold a current DOD Secret clearance
  • RMF Experience with Enterprise Mission Assurance Support Service (eMASS)
  • Experience with the DISA Application Security and Development STIG
60

Senior Information Systems Security Engineer Resume Examples & Samples

  • The ISSE shall be a part of the technical team that will upgrade and maintain the security posture of all networks at Blossom Point
  • Install and use software, such as firewalls and data encryption programs, to protect organizations’ sensitive information
  • Perform installation and processing of new security products and procedures
  • Will constantly monitor the networks and systems for security breaches or intrusions
  • Will install software that helps to notify the team of intrusions, and watch out for irregular system behavior
  • Conduct periodic scans of networks to find vulnerabilities and apply mitigation techniques
  • Perform incident response activities to minimize impact
  • Knowledge of risk assessment tools, technologies and methods
  • Ability to communicate network security issues to peers and management
  • Ability to read and use the results of mobile code, malicious code, and anti-virus software
61

Information Systems Security Engineer Resume Examples & Samples

  • Implement Information Assurance (IA) processes, provide guidance, and develop documentation throughout the system development life-cycle. Draft briefings, timelines, and design reviews for system development in accordance with prevailing IA regulations and policies
  • Draft and review documentation for all phases of the security authorization process, for Certification and Accreditation (C&A), required for program initiatives to receive Authorization(s) To Operate (ATO)s, Interim ATOs (IATO)s, Interim Authority To Test (IATT), and Certificates of Networthiness (CON) fro systems that reside on NSANET, NIPRNET, SIPRNET, and JWICS networks
  • Evaluate hardware design, operating systems, and software applications proposed for programs to ensure that each adequately address IA security requirements and provide confidentiality, integrity, availability, authentication, and non-repudiation. Ensure system designs properly mitigate identified threats/vulnerabilities and facilitate test and evaluation activities to validate as such
  • Be knowledgeable in IA policy to include AR 25-2 Information Assurance, DoDI 8510.01, DoD Information Assurance Certification and Accreditation Process (DIACAP), Director of Central Intelligence Directive (DCID 6/3), USCENTCOM 25-28 process, and DISA Security Technical Implementation Guides (STIG) and shall keep pace with changing policies and mandates
  • Coordinate with government Information System Security Officer (ISSO) on preparation of the Security Authorization and Information System Continuous Monitoring package
  • Manage Plan of Action and Milestones (POAMs) and identify, analyze, and propose risk mitigation strategies to facilitate efficient risk mitigation and closure
  • Assess and continuously monitor the effectiveness of mitigation strategies
  • Review systems security documentation in order to identify potential security weaknesses, recommend improvements to address vulnerabilities, implement changes and document security relevant changes
  • Provide advice and guidance on the application of FISMA requirements for cloud computing
  • Maintain system asset records in Xacta, to include development of system security controls, development and updates to the System Security Plan (SSP), and creation of a Certification Test Plan (CTP)
  • Perform vulnerability and compliance scanning on a monthly basis
  • Review vulnerability scan results and facilitate the resolution of all high and medium vulnerabilities in a timely manner
  • Run and review CIS hardening compliance scans and ensure system compliance with the clients baselines; work with system and database administrators to resolve discrepancies
  • Assess project issues and develop innovative solutions to meet productivity, quality, and client-satisfaction goals and objectives
  • Develop mechanisms for monitoring project progress and for intervention and problem solving with project and operations managers and system engineers
  • Must have and maintain an Active TOP SECRET SCI security clearance
  • Bachelor’s degree in computer science, computer engineering, network security, or equivalent experience, significant domain knowledge and customer intimacy
  • Minimum of 8 years of experience in security engineering, information security, programming or equivalent experience
  • Experience working with leading firewall, network scanning and intrusion detection products and authentication technologies
  • Experience with tools such as Splunk, Cenzic, Foundstone, Cenzic, Rapid7, Tripwire, Bladelogic (or comparable tools)
  • Experience working with NIST Special Publications and A & A process methodology
  • Master's degree in pertinent field preferred
  • Army background is preferred
  • Knowledge of IC functional manager’s organizations, roles and responsibilities within the current customer intelligence community
62

Information Systems Security Engineer Resume Examples & Samples

  • Twenty (20) years of experience as an ISSE on programs and contracts of similar scope, type, and complexity are required
  • DoD 8570 compliance with IASAE Level 3 is required. Both Information Systems Security Engineering Professional (ISSEP) and CISSP Certifications are required
  • A Master’s degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline may be substituted for two (2) years of experience, reducing the requirement to eighteen (18) years of experience
  • Four (4) years of additional ISSE experience may be substituted for a Bachelor’s degree
  • Bachelor's Degree or equivalent combination of education and professional experiencing skills
  • Have appropriate certification in compliance with the requirements of the DoD 8570 IAT Level II or able to obtain within 60 days of employment
  • Thorough understanding of network and operational security best practice
  • Self motivator with the ability to work independently as well as with a team
  • Good oral and written communication skills as well as good customer service skills
  • Proficient using Microsoft Office suite
63

Information Systems Security Engineer Resume Examples & Samples

  • Designs and develops highly complex, integrated solutions to meet business requirements or enhance performance
  • Provides escalated, highly complex technical support to customers by investigating and resolving systems-related matters of significance; provides support telephonically and/or electronically
  • Reviews literature, patents and current practices to support business requirements and/or new industry technology. Prepares reports regarding new technology to communicate to appropriate personnel
  • Bachelor degree and technical (hands-on) experience related to Information Assurance, Cyber Security, Systems Engineering requirements, assessments, development, and implementation
  • Industry knowledge and experience with information security toolsets including anti-virus, assessment, scanning tools
  • Knowledgeable of NIST Special Publications related to the computer security community
  • Knowledgeable with DHS IACS compliance tools, controls and processes
  • Experience conducting cybersecurity audits to ensure appropriate implementation and security compliance
  • Performing and providing vulnerability assessment results and recommendations
  • Assessing known systems vulnerabilities and verifying system hardening and patching activities to ensure compliance with applicable Security Requirements and related checklists
  • Working knowledge of cyber security toolsets
  • Experience with network and system security administration, including operating system security configuration and account management best practices for Operating Systems
  • Understanding of Systems Engineering requirements, specifications, and demonstrated experience implementing DoD and/or Federal IA Certification and Accreditation Processes, assessing and validating compliance with IA controls and developing and maintaining associated certification and accreditation documentation
64

Information Systems Security Engineer Resume Examples & Samples

  • TS SCI with Full Scope Polygraph
  • DoD 8570 Certification (Level II or higher)
  • Experience leading Information Assurance activities and supporting Information System Security Officers (ISSOs) on Intelligence Community (IC) programs and contracts
  • Seven (7) or more years of IA experience to include knowledge of current security tools; hardware/software security implementation; communication protocols; and encryption techniques/tools
  • Bachelor’s Degree from an accredited college or university. Or, four (4) years of additional experience may be substituted for a bachelor’s degree
65

Senior Information Systems Security Engineer Resume Examples & Samples

  • Implement security requirements based on laws, regulations or Presidential directives in compliance with FISMA and DHS Cyber-security initiatives
  • Integrate security design principles across disciplines and SELC process
  • Review proposed new systems, networks, software for potential security risks
  • Review security related product selection and implementation activities
  • Participate and provide security support in Vendors Source Selection process
  • Define the scope and level of detail for security plans applicable to the system
  • Identify need for changes based on new security technology and evolving threats
  • Analyze change requests to the system for security posture impact/updates
  • Review security incident response policy, manage security incident procedures
  • Execute duties described in DHS ISSO and DHS Security Authorization Guide
  • Manage and maintain system authorization status or Authority to Operate (ATO)
  • Perform Certification and Accreditation (C&A) to existing and new systems
  • Responsible for oversight and coordination of C&A activities of each system
  • Apply CBP Security Certification and Accreditation Process to assigned systems
  • Generate Security Artifacts templates for C&A artifacts requirement
  • Review and recommend approval on systems FIPS 199 and E-Authentication
  • Prepare and provide DHS formatted System Security Plan
  • Prepare System Owner and Information System Security Officer letters
  • Coordinate Security Test and Evaluation events between involved stakeholders
  • Participate Security Test and Evaluation process and Review ST&E report
  • Perform Vulnerability Assessment review and generate reports for System Owner and stakeholders
  • Have experience with analyzing vulnerabilities and providing guidance on secure IT implementation of various operating systems (e.g. Windows, Unix, Linux, and Mac)
  • Have experience with analyzing vulnerabilities and providing guidance on secure IT implementation of various applications (e.g. Oracle, SQL Server, Apache, IIS)
  • Have experience with analyzing vulnerabilities and providing guidance on secure IT implementation of network devices (e.g. switches, routers, firewalls)
  • Have experience with analyzing vulnerabilities and providing guidance on secure architecture design of various applications (e.g. internal-only, publicly available)
  • Have experience serving as an ISSO with a federal government system, a DHS system is a plus
  • Ability to interface with other systems’ ISSOs and provide support on multiple systems and security related issues
  • BS or equivalent + 5 years related experience, or MS + 3 years related experience
  • Excellent verbal/written communication skills
  • Able to work in a team environment
  • Understand Systems Engineering best practices
  • Understand the Systems Engineering “V” complete lifecycle
66

Information Systems Security Engineer Resume Examples & Samples

  • DoD 8570.01 compliance with IASAE Level 2 is required CISSP Certification is required
  • Four (4) years of ISSE experience may be substituted for a Bachelor’s degree
  • Have appropriate certification in compliance with the requirements of the DoD 8570 IAT Level I or able to obtain within 60 days of employment