Jobs · Information Technology · Pennsylvania

Information System Security Engineer (ISSE) II (on-site)

Ishpi Information Technologies, Inc. (ISHPI) · Philadelphia, PA · 5 days ago
Information TechnologyFull-time

About the role

Ishpi Information Technologies, Inc. (DBA ISHPI) seeks a skilled Information System Security Engineer (ISSE) to support the Naval Surface Warfare Command in Philadelphia, PA. The selected candidate will provide cybersecurity support for the Code 104 Information Technology Operations Division.

Responsibilities

  • Provide cybersecurity support for A&A Cybersecurity Compliance and Audit readiness, IAVM, Vulnerability Scanning and Remediation, and STIG and SRG implementation.
  • Develop, maintain, and track Risk Management Framework (RMF) system security plans including System Categorization Forms, PIT Determination Checklists, AO Determination Checklists, Implementation Plans, SLCM Strategies, System Level Policies, Hardware Lists, Software List, System Diagrams, PIA, and POA&M.
  • Execute the RMF process for IATT, AO approval, ATO, and DATO.
  • Identify and tailor IT and CS security control baselines based on RMF guidelines and categorization of the RMF boundary.
  • Perform Ports, Protocols, and Services Management (PPSM).
  • Conduct IT and CS vulnerability-level risk assessments.
  • Execute security control testing as required by a risk assessment or annual security review (ASR).
  • Mitigate and remediate IT and CS system level vulnerabilities for all assets within the boundary per STIG requirements.
  • Develop and maintain Plans of Actions and Milestones (POA&M) in eMASS.
  • Implement and assess STIG and SRGs.
  • Perform and develop vulnerability assessments with automated tools like ACAS, SCC, and evaluate STIG.
  • Deploy security updates to Information System components.
  • Perform routine audits of IT system hardware and software components.
  • Maintain inventory of Information System components.
  • Participate in IT change control and configuration management processes.
  • Upload vulnerability data in VRAM.
  • Image or re-image assets that are part of the assigned RMF boundary.
  • Install software and troubleshoot software issues as necessary to support compliance of the RMF boundaries' assets.
  • Assist with removal of SSD, HDD, or other critical components of assets before destruction and removal from the RMF boundary.
  • Support cybersecurity patching of assets in times of DoD and DoN TASKORDs, FRAGORDs, or designated by Command ISSM, ACIO, and/or Code 104 management.
  • Support configuration change documentation and control processes and maintaining DOD STIG Compliance.
  • Support cyber compliance of assets that are part of an enterprise IT network to include Windows server and CISCO networking hardware.

Requirements

  • Bachelor’s degree in Computer Science, Information Technology, or an equivalent technical degree from an accredited college or university.
  • Three (3) years professional experience capturing and refining information security operational and security requirements, and ensuring those requirements are properly addressed through purposeful architecting, design, development, and configuration; and implementing security controls, configuration changes, software/hardware updates/patches, vulnerability scanning, and securing configurations.

Qualifications

  • Minimum Certification Requirement includes one of the following: CCNA-Security, CySA+, GICSP, GSEC, or Security+ CE.

Skills

  • Knowledge of cybersecurity principles and practices.
  • Experience with RMF process and STIG requirements.
  • Proficiency with vulnerability scanning and remediation tools.
  • Ability to manage and mitigate IT vulnerabilities.
  • Strong communication and problem-solving skills.

Benefits

Not specified.

Pay

Not specified.

Schedule

Not specified.

Equal Opportunity Employer

Ishpi Information Technologies, Inc. is an Equal Opportunity Employer. All qualified candidates will be considered without regard to legally protected characteristics.

Similar jobs