Sr Info Security Associate

Quantech Services - Fort Meade, MD

posted 6 months ago

Full-time - Senior
Fort Meade, MD
Professional, Scientific, and Technical Services

About the position

The Senior Information Systems Security Engineer (ISSE) at Quantech Services, Inc. is a pivotal role that involves performing and reviewing technical security assessments of computing environments. The primary objective is to identify vulnerabilities and non-compliance with established cybersecurity standards and regulations, while also recommending effective mitigation strategies. The ISSE will validate and verify system security requirements, conduct thorough analyses, and establish robust system security designs. This role requires the design, development, implementation, and integration of cybersecurity systems and components across various environments, including those with multiple enclaves and differing data protection and classification requirements. In this position, the ISSE will be responsible for embedding cybersecurity into systems that are deployed in operational environments. This includes collaborating with architects and systems developers to identify and implement appropriate information security functionalities, ensuring a uniform application of agency security policies and enterprise solutions. The ISSE will also support the construction of security architectures and enforce the design and implementation of trusted relationships among external systems and architectures. Throughout the system development life cycle, the ISSE will assess and mitigate system security threats and risks, contributing to security planning, assessment, risk analysis, risk management, certification, and awareness activities for system and networking operations. Additionally, the ISSE will review certification and accreditation (C&A) documentation, providing feedback on its completeness and compliance. The role also involves supporting security authorization activities in compliance with the NSA/CSS Information System Certification and Accreditation Process (NISCAP), the DoD Risk Management Framework (RMF), and the NIST Risk Management Framework (RMF) process, as well as prescribed NSNCSS business processes for security engineering.

Responsibilities

  • Perform technical security assessments of computing environments to identify vulnerabilities and non-compliance with cybersecurity standards.
  • Recommend mitigation strategies based on security assessments.
  • Validate and verify system security requirements definitions and analysis.
  • Establish system security designs for various environments.
  • Design, develop, implement, and integrate cybersecurity systems and components.
  • Assist architects and systems developers in implementing information security functionalities.
  • Support the building of security architectures and enforce trusted relationships among external systems.
  • Assess and mitigate system security threats and risks throughout the system development life cycle.
  • Contribute to security planning, assessment, risk analysis, and risk management activities.
  • Review certification and accreditation documentation and provide feedback on compliance.
  • Support security authorization activities in compliance with NISCAP and RMF processes.

Requirements

  • Extensive knowledge of cybersecurity policies and procedures.
  • Experience in designing and implementing secure networking and computing environments.
  • Ability to interact effectively with customers and project team members.
  • Experience in security planning, assessment, risk analysis, and risk management.
  • Knowledge of system or network designs that encompass multiple enclaves with differing data protection requirements.

Nice-to-haves

  • Experience with NSA/CSS Information System Certification and Accreditation Process (NISCAP).
  • Familiarity with NIST Risk Management Framework (RMF) processes.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service