Cordia is partnered with a proven global defense and space company who is seeking to fill an Information Systems Security Engineer
role. In this position, you will provide security planning, assessment, risk analysis, and risk management support.
Information Systems Security Engineer
$135k - $145k
Hybrid - Columbia, MD
Target Start Date:
Implement the Cyber Security requirements of IT systems and applications documenting them in formal security engineering documents using the Risk Management Framework and supporting artifacts associated with risk assessments. Apply knowledge of security principles, policies, and regulations to daily tasking. Conduct security compliance evaluations on IT products using all-source analysis, and test lab, and apply test results to create secure configuration guidelines and baselines.
The candidate will provide input to A&A process activities and related documentation such as security concept of operations, systems security plans security control assessments, contingency plans, configuration management plans, incident response plans, plan of actions and milestones, risk management plans, vulnerability, and compliance scanning, and/or vulnerability management plans.
Information Systems Security Engineer Key Responsibilities:
- Verify stability, interoperability, portability, security, or scalability of system architecture.
- Collaborate with engineers or software developers to select appropriate design solutions or ensure the compatibility of system components.
- Perform technical security assessments of computing environments to identify points of vulnerability, and non-compliance, with established Information Assurance (IA) standards and regulations and recommend mitigation strategies.
- Enforce the design and implementation of trusted relations among external systems and architectures.
- Assess and mitigate system security threats/risks throughout the program life cycle.
- Review Plans of Actions and Milestones (POA&Ms) to ensure weaknesses are identified, effective/acceptable mitigation strategies are planned, and timelines are acceptable and on track.
- Contribute to the security planning, assessment, risk analysis, risk management, certification, and awareness of activities for system and networking operations.
- Communicate with staff or clients to understand specific system requirements.
- Must possess a minimum of 5 years of experience.
- Candidates must have a practical, working knowledge of IT audits, conducting security assessments and authorizations, familiarity with the use and operation of security tools, and be able to enforce the design and implementation of trusted relations among external systems and architectures.
- BS or BA in Computer Science, Information Assurance, Computer Engineering, or related discipline.
- DoD 8570/8140 compliant certifications