Information System Security Engineer
Company: MRT, Inc. (Bay Careers)
Location: Colorado Springs
Posted on: June 19, 2022
Information System Security Engineer, L3-Sr. to join our team in
Colorado Springs, CO.
Responsibilities include, but are not limited to:
Provide subject matter expertise and capability to
consult/troubleshoot security related matters for enterprise
information systems and network architectures, system access
problems and implementation of security policies and procedures.
Ensure security access and protect against the unauthorized access,
modification, or destruction of systems or data. Demonstrate
familiarity with a variety of security concepts, practices, and
procedures, including the importance of building security
requirements and practices into the systems engineering process and
the software development lifecycle. A wide degree of
security-relevant creativity and latitude is expected.
Apply solid knowledge of information security principles and
practices. Manage and maintain the security integrity of all IT
systems and network architectures. Ensure systems are securely
operated, maintained, and disposed of in accordance with security
policies and practices defined by the federal government and
outlined in the security plan. Develop and maintain security plans
and associated documentation. Ensure all system users have the
correct authorizations and privileges to perform their jobs, and
are aware of their security responsibilities while accessing the
Provide training to system users on preferred security practices.
Author risk assessments and support certification and accreditation
activities. Participate in system reviews, to include custom, COTS
and GOTS software and hardware, and in-house software development,
and provide recommendations for securing the systems and
Other facets of the IT Security Engineer responsibilities include
the following:Provide daily, ongoing security oversight of assigned
systems, to include the security impact of proposed modifications,
additions, and technology refresh evolutions
Advise users of the security features and procedures used in their
Understand system security vulnerabilities and associated threats,
and assess the overall security risks to the system.
Provide mitigation recommendations to reduce identified security
Work directly with internal IT staff and customer to establish and
enforce IT security best practices, protection objectives, process
improvements and effective IT security controls
Perform application, database and system vulnerability scanning
using approved software tools
Thoroughly understand software installations, systems monitoring
and troubleshooting, account management, and overall efforts to
minimize system downtime
Thoroughly understand the administration of critical server
infrastructure, including stand-alone and virtual servers, server
backup and recovery, and platforms such as file servers and web
Provide support to the administration staff for security-relevant
applications, such as IDS/IPS and log manager, and associated
accounts. Assist in IT security incident response and
documentation. Perform regularly scheduled security reviews (e.g.,
technology, operations, and personnel).
Participate in all stages of higher headquarters assessments to
include Audits of Privileged Accounts, Security Control
Assessments, High Value Asset assessments and Penetration
Serve as the primary interface to government compliance and policy
teams to ensure the system consistently meets the requirements for
certification and accreditation. Participate in designing and
managing IT Security strategy including both infrastructure and
applications. Lead security and compliance-based projects. Consult
with users to determine requirements and provide security solutions
to meet needs. Assist with projects involving database and security
issues and requirements.
Ability to demonstrate technical knowledge of one or more of the
below mentioned technologies.
Current CISSP certification or equivalent level of certification
(CASP+CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH,
Experience as a Security Engineer supporting software architecture
Experience on security directives, policies, publications and
Experience in creating and maintaining System Security Plans
Experience with Disaster Recovery and Contingency planning
Experience in IT security certifications (CIPP, CompTIA Security +,
Possess clear understanding of security protocols and standards and
have experience with software and security architectures.
Understand how to design and implement security tests in accordance
with stated criteria
Experience with security practices of Intranet and Extranet
Experience with packet analyzers
Experience with Linux/UNIX Windows servers
Experience understanding protocols, such as, SSL/TLS, CIFS, HTTP/S,
DHCP, SMTP, LDAP/S and DNS
Experience in networking concepts and services, such as, VPNs,
IPSec, PKI and TCP/IP
Expertise with the accreditation process, such as Risk Management
Framework (RMF), with knowledge of NIST 800.53
Bachelor's degree or equivalent in Computer Science, Information
Systems Management, Information Technology or other related
discipline with 5 or more years related professional experience.
AGILE certification desired.
5+ years of experience in IT security field
Ability to function as an integral member of the Security Team,
demonstrating a desire to share and receive knowledge and
mentorship as needed.
Ability to work with minimal supervision and to function as an
integral member of the security team.
Strong communication skills, both oral and written
Organized, responsive and highly thorough problem solver
Familiar with security controls of Federal Information Systems
Familiar with high-availability (HA) and failover implementations
for network infrastructure and server systems
Familiar with SAN implementations and server clusters
Security Clearance Requirements:
Active DOD Secret clearance and ability to obtain agency
The person in this position must be able to remain in a stationary
position 50% of the time. Occasionally move about inside the office
to access file cabinets, office machinery, or to communicate with
co-workers, management, and customers, via email, phone, and or
virtual communication, which may involve delivering
This position supports an IT operations environment. All employees
should expect to support work on nights and weekends and may be
included in an on-call rotation for after-hours support.
Keywords: MRT, Inc. (Bay Careers), Colorado Springs , Information System Security Engineer, IT / Software / Systems , Colorado Springs, Colorado
Didn't find what you're looking for? Search again!