Information Systems Security Engineer

Arlington, Virginia

Spathe Systems LLC
Apply for this Job
Overview Spathe is currently searching for a Information Systems Security Engineer (ISSE) to join our team in the Arlington, VA area. Spathe Systems is a rapidly growing SOF led, 8(a) defense contractor headquartered in Tampa, FL with offices in Fayetteville, NC and strategic partner locations in Virginia Beach and Coronado. As a small business with a tight knit family feel, Spathe empowers its employees to solve problems and make decisions. Responsibilities The ISSE will work as part of a team reviewing and assessing Risk Management Framework (RMF) authorization body of evidence for classified information systems, to include: System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Continuous Monitoring Plan, Incident Response Plan, Access Control Plan, Security Assessment Plan, etc. Review new and existing systems for technical compliance with IA directives and protection of data at all classification levels including SCI. Advise on in-depth security design review and threat/risk assessments. Provide inputs to technical artifacts, including Plans of Action and Milestones (POA&Ms), Security Control Traceability Matrices (SCTM), and Risk Assessment Reports (RARs). Conduct site visits and assessments to inspect IA plans and security control implementations and support Incident Response Team (IRT) activities. Nice to haves : Other Security related certification (Cloud, SIEM, forensics, Linux, Windows, etc) Experience working in a DevSecOps project environment. Formerly or currently a system administrator, developer, or engineer. Experience with OpenRMF, eMASS, MS Active Directory, Splunk, ACAS/Nessus, McAfee, Windows, Linux, AWS Security, etc. Strong verbal and written communication skills. Able to engage with users in a professional manner and present technical concepts plainly to semi-technical customers. Ability to interface with seasoned Government personnel. Ability to work in a matrixed team environment and support multiple different efforts as needed. Desire to learn new technologies and tools and willing to share your experience with the team JSIG or ICD 503 compliance Qualifications Must haves: DoD 8570 IAT Level II certification or higher (Sec+, CISSP, CASP, etc.) Ability to support a hybrid work schedule with 2-3 days per week on-site (Arlington, VA) 5+ years of implementing NIST 800-53, Rev 4 and the Risk Management Framework (RMF) 5+ years of experience with Windows and Linux environments. 5+ years of experience with virtualization or cloud environments. 2+ years of using information security and assurance practices and principles. Clearance Required: An active Secret and willingness to take a Polygraph if/when selected by the client Job Type: Full Time Work Location: One location - Arlington, VA Travel: Up to 10% travel during the year. Benefits: Health insurance Dental insurance Retirement plan Paid time off 11 paid holidays per year Position ID: JF01ISSE
Date Posted: 08 May 2024
Apply for this Job