ColoradoSpringsRecruiter Since 2001
the smart solution for Colorado Springs jobs

Information System Security Engineer

Company: MRT, Inc. (Bay Careers)
Location: Colorado Springs
Posted on: September 24, 2022

Job Description:

Information System Security Engineer, L3-Sr.

Responsibilities include, but are not limited to:

Provide subject matter expertise and capability to consult/troubleshoot security related matters for enterprise information systems and network architectures, system access problems and implementation of security policies and procedures. Ensure security access and protect against the unauthorized access, modification, or destruction of systems or data. Demonstrate familiarity with a variety of security concepts, practices, and procedures, including the importance of building security requirements and practices into the systems engineering process and the software development lifecycle. A wide degree of security-relevant creativity and latitude is expected.
Apply solid knowledge of information security principles and practices. Manage and maintain the security integrity of all IT systems and network architectures. Ensure systems are securely operated, maintained, and disposed of in accordance with security policies and practices defined by the federal government and outlined in the security plan. Develop and maintain security plans and associated documentation. Ensure all system users have the correct authorizations and privileges to perform their jobs, and are aware of their security responsibilities while accessing the system.
Provide training to system users on preferred security practices. Author risk assessments and support certification and accreditation activities. Participate in system reviews, to include custom, COTS and GOTS software and hardware, and in-house software development, and provide recommendations for securing the systems and software.
Other facets of the IT Security Engineer responsibilities include the following:Provide daily, ongoing security oversight of assigned systems, to include the security impact of proposed modifications, additions, and technology refresh evolutions
Advise users of the security features and procedures used in their Information Systems
Understand system security vulnerabilities and associated threats, and assess the overall security risks to the system.
Provide mitigation recommendations to reduce identified security risks
Work directly with internal IT staff and customer to establish and enforce IT security best practices, protection objectives, process improvements and effective IT security controls
Perform application, database and system vulnerability scanning using approved software tools
Thoroughly understand software installations, systems monitoring and troubleshooting, account management, and overall efforts to minimize system downtime
Thoroughly understand the administration of critical server infrastructure, including stand-alone and virtual servers, server backup and recovery, and platforms such as file servers and web servers

Provide support to the administration staff for security-relevant applications, such as IDS/IPS and log manager, and associated accounts. Assist in IT security incident response and documentation. Perform regularly scheduled security reviews (e.g., technology, operations, and personnel).
Participate in all stages of higher headquarters assessments to include Audits of Privileged Accounts, Security Control Assessments, High Value Asset assessments and Penetration tests.
Serve as the primary interface to government compliance and policy teams to ensure the system consistently meets the requirements for certification and accreditation. Participate in designing and managing IT Security strategy including both infrastructure and applications. Lead security and compliance-based projects. Consult with users to determine requirements and provide security solutions to meet needs. Assist with projects involving database and security issues and requirements.

Basic Qualifications:

Ability to demonstrate technical knowledge of one or more of the below mentioned technologies.

Current CISSP certification or equivalent level of certification (CASP+CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CCSP)
Experience as a Security Engineer supporting software architecture development environments
Experience on security directives, policies, publications and regulations
Experience in creating and maintaining System Security Plans
Experience with Disaster Recovery and Contingency planning
Experience in IT security certifications (CIPP, CompTIA Security +, CPP, PSP)
Possess clear understanding of security protocols and standards and have experience with software and security architectures.
Understand how to design and implement security tests in accordance with stated criteria
Experience with security practices of Intranet and Extranet
Experience with packet analyzers
Experience with Linux/UNIX Windows servers
Experience understanding protocols, such as, SSL/TLS, CIFS, HTTP/S, DHCP, SMTP, LDAP/S and DNS
Experience in networking concepts and services, such as, VPNs, IPSec, PKI and TCP/IP
Expertise with the accreditation process, such as Risk Management Framework (RMF), with knowledge of NIST 800.53
Bachelor's degree or equivalent in Computer Science, Information Systems Management, Information Technology or other related discipline with 5 or more years related professional experience. AGILE certification desired.

Preferred Qualifications:

5+ years of experience in IT security field
Ability to function as an integral member of the Security Team, demonstrating a desire to share and receive knowledge and mentorship as needed.
Ability to work with minimal supervision and to function as an integral member of the security team.
Strong communication skills, both oral and written
Organized, responsive and highly thorough problem solver
Familiar with security controls of Federal Information Systems
Familiar with high-availability (HA) and failover implementations for network infrastructure and server systems
Familiar with SAN implementations and server clusters

Security Clearance Requirements:

Active DOD Secret clearance and ability to obtain agency suitability clearance

Keywords: MRT, Inc. (Bay Careers), Colorado Springs , Information System Security Engineer, IT / Software / Systems , Colorado Springs, Colorado

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest Colorado jobs by following @recnetCO on Twitter!

Colorado Springs RSS job feeds