Senior Security Engineer with Security Clearance

Saint Louis, Missouri

STEMboard
Apply for this Job
NGA - St. Louis, MO - TS/SCI Required STEMBoard is a technology solutions company that creates smart systems and software solutions for government and large-scale private sector clients. We are growing fast and need passionate, innovative people who love working with technology and are ready to make an impact. Here's what you can expect from us: You will work with great people who love what they do: our team includes published authors, patent holders, and internationally renowned engineers. We care about our employees: we invest in professional development and reward creativity. Starting day one, every employee is bonus eligible and receives 20 days of paid vacation. We invest in the community: STEMBoard boasts a lively education and outreach program that teaches engineering to the historically underserved. Security Engineer (Senior Lifecycle Acquisition) MGS Duties may include: Participate in registration meetings to formally register all MGS related information systems with the Designated Approval Authority (DAA) for NGA.
Ensure the System Security Authorization Agreement (SSAA) documents for each IS are properly prepared, maintained, and accurately reflect the definition, development, security testing processes, and relevant security requirements.
Perform required actions to ensure all MGS related Information Systems are properly entered and maintained using the XACTA Information Assurance web application.
Review all aspects of proposed system security plans to ensure the system is being developed in compliance with NGA security guidelines, agency policies, and Intelligence Community Directives.
Ensure Vulnerability Assessment Testing (VAT) is scheduled and completed on an annual basis and any findings are addressed in a POAM.
Ensure that appropriate Information Assurance Vulnerability Alerts (IAVA) are reviewed, assessed, and responded to in a timely manner.
Maintain routine interface with the NGA C&A team (IAO, CE, and DAA) and keep them informed of any pending changes to the system baseline which may impact security.
Review and provide input on security-related test procedures prior to readiness reviews.
Advise the Program Manager (PM) for life cycle integrated security engineering, including review of Request for Change (RFCs), Engineering Change Proposals (ECPs), related C&A documents, attend design reviews, and ensure requirements are identified and documented.
Provide support to the Program Manager to ensure that all aspects of each Information System (IS) from initial concept, through development, to implementation and system maintenance, and continuous monitoring meet applicable NGA C&A requirements.
Provide advice and support to manage the IS throughout the life cycle including cost, schedule, and performance system development, and after initial operating capability (IOC) transitions the systems to operations.
Provide advice and support to the PM during the early stages of the system life cycle to initiate the C&A process, negotiate the security requirements that must be met, and the technical security features of the IS.
Responsible for ensuring that security guidance flows from the PM to the developer for satisfying the requirements to deliver the system, including the schedule for delivering a certified and accredited system.
Requirements Required: Twelve (12) years of total experience, with eight (8) years of demonstrated specialized experience in System Integration, System Engineering, Acquisition, or Project Management experience.
Bachelor's degree in system engineering, Computer Science, a related technical degree, or equivalent experience.
Active TS/SCI Clearance. Desired: Demonstrated understanding of the geospatial intelligence mission and its contributions to the IC.
Demonstrated understanding of Certification and Accreditation processes.
Demonstrated specialized experience with application with NGA systems architecture components & processes.
Understanding of DoD's GEOINT Tasking, Processing, Exploitation, and dissemination processes (TCPED).
DAWIA Level III/II certification in Program Management or equivalent (i.e. PMP) or applicable experience.
Demonstrated specialized experience using the XACTA Information Assurance web application.
Demonstrated specialized experience with NGA Continuity of Operations processes; experience with writing Information Technology Disaster Recovery (ITDR) plans, Business Continuity Plans, and modifying and documenting Essential Functions.
Maintain a professional certification as a Certified Information Systems Security Professional (CISSP).
Date Posted: 20 May 2024
Apply for this Job