Information Systems Security Engineer

Summary

Join NT Concepts, an innovative National Security company, as an Information Systems Security Engineer (ISSE). You will contribute to critical government system advancements within the Intel Community. This remote-flexible position, based in the DC Metro area, requires an active TS/SCI CI Poly clearance. Responsibilities include leading cybersecurity initiatives, ensuring compliance, and developing security documentation. You will collaborate with various teams and provide guidance on regulatory frameworks like NIST 800-53 and ICD503. The role involves performing self-assessments and collaborating on vulnerability remediation. This is an opportunity to make a real impact on national security while enjoying a supportive and growth-oriented company culture.

Requirements

• Bachelor’s degree in cybersecurity related field
• Active TS/SCI with CI Poly Required
• Strong expertise in cybersecurity, risk management, and IT systems support
• Extensive experience in developing and maintaining security documentation, performing risk assessments, and providing technical support to project teams
• CompTIA Security+ Certification
• Certified Ethical Hacker (CEH)
• CompTIA Advanced Security Practitioner (CASP)
• Prolonged periods of sitting at a desk and working on a computer
• Must be able to lift 10-15 pounds at times

Responsibilities

• Lead cybersecurity initiatives, manage the security posture of information systems, and ensure compliance with regulatory frameworks
• Work closely with system administrators, developers, and key stakeholders to implement and maintain robust cybersecurity controls
• Lead the development and maintenance of cybersecurity documentation, including Plans of Action and Milestones (POA&M), Information Assurance Vulnerability Management (IAVM) plans, and other security-related artifacts
• Develop comprehensive POA&Ms to track and manage remediation efforts for identified vulnerabilities
• Create and maintain IAVM plans to review and implement Information Assurance Vulnerability Alerts (IAVAs), Information Assurance Vulnerability Bulletins (IAVBs), and Information Assurance Vulnerability Technical Advisories (IAVTs), ensuring all updates are documented and tracked effectively
• Produce and update cybersecurity plans, procedures, and guidelines to maintain compliance with regulatory requirements
• Coordinate and plan Information Assurance (IA) efforts for the deployment and sustainment of Information Systems (IS), whether they are standalone or part of an enterprise
• Plan and execute IA activities to support the deployment and sustainment of IS, ensuring that systems are secure and compliant with Department of Defense (DoD) regulations
• Work closely with system administrators and other stakeholders to integrate IA considerations into system development and maintenance processes
• Develop and implement IA strategies for both standalone systems and enterprise systems
• Provide guidance and instruction on regulatory frameworks such as NIST 800-53, ICD503, and CNSSI1253 to ensure compliance with Department of Defense (DoD) and other relevant standards
• Offer expert advice on the application of these standards to ensure that systems meet compliance requirements
• Conduct training sessions and workshops to educate team members and stakeholders on these regulatory frameworks
• Regularly review and update compliance documentation to reflect the latest standards and regulations
• Perform self-assessment tests using standard Commercial Off-The-Shelf (COTS) and Government Off-The-Shelf (GOTS) tools to complete full Authorization to Operate (ATO) assessments
• Utilize tools such as ACAS, SPLUNK, and other COTS/GOTS solutions to conduct thorough self-assessment tests
• Analyze assessment results to identify vulnerabilities and developing remediation plans
• Document assessment findings and prepare reports to support ATO assessments
• Collaborate with system administrators, database administrators (DBAs), and developers to provide guidance and direction for testing and implementing changes to adjudicate vulnerabilities and implement cybersecurity controls
• Work closely with system administrators, DBAs, and developers to test and implement necessary changes to address identified vulnerabilities
• Provide clear guidance and direction on cybersecurity best practices and controls
• Ensure that all changes are properly tested and documented to maintain system security

Benefits

• Competitive benefits
• Opportunities to bolster your skills and develop new abilities
• Company culture dedicated to support and service