Fully Onsite ISSE *TS/SCI w CI Poly*

Zachary Piper Solutions is seeking an Information Cyber Security Engineer (ISSE) to join one of our clients in supporting a large DoD program. This role is fully onsite in Chantilly, VA. The ISSE will serve as a product SME and technical lead. 

*A current and active TS/SCI with CI Polygraph is required to apply*

Responsibilities of the ISSE:

• Provide IA security requirements to update system requirement documents.
• Coordinate IA matters with other directorates and external partners.
• Perform technical security assessments to identify vulnerabilities and recommend mitigation strategies.
• Validate and verify system security requirements and establish security designs.
• Ensure software, hardware, firmware, and infrastructure comply with security guidelines.

Necessary Qualifications for the ISSE:

• 7+ years of relevant experience
• Experience with certification and accreditation (C&A) documentation.
• Familiarity with NIST Risk Management Framework (RMF) and ICD 503 processes.
• Ability to assist architects and developers in implementing information security functionality.
• Experience in building and supporting security architectures.
• Education: Bachelor’s degree or equivalent experience 
• Certifications: Security+, CISSP, or equivalent certification required.
• Clearance: TS/SCI w CI Poly

Compensation for the ISSE:

• Salary: $130k-$155k (dependent on experience)
• Full Standard Benefits: Paid Time Off, Paid Holidays, Healthcare (Medical, Dental, Vision), Retirement Savings Plan (401K), and more

Keywords: Information Assurance, IA, security requirements, system requirement documents, coordination, directorates, external partners, technical security assessments, computing environments, vulnerabilities, non-compliance, IA standards, regulations, mitigation strategies, validation, verification, system security requirements, analysis, system security designs, security guidelines, policies, procedures, IA policy, workforce structure, secure networking, computing, enclave environments, toolkits, SEIMs, LogRhythm, ACAS, Nessus, SCAP, mandatory access control, role-based access control, SE Linux, RHEL, PitBull, Windows, Oracle, MS SQL, database security, Apache, IIS, web server security, security planning, risk analysis, risk management, government data, security planning, assessment, certification, awareness activities, system networking operations, C&A documentation, feedback, completeness, compliance, system security engineering, design process, engineering life cycle, information domain, cross domain solutions, commercial off-the-shelf, government off-the-shelf cryptography, identification, authentication, authorization, system integration, intrusion detection, contingency planning, incident handling, configuration control, change management, auditing, certification and accreditation process, confidentiality, integrity, non-repudiation, availability, access control, security testing, security authorization activities, Information System Certification and Accreditation Process, ICD 503, NIST Risk Management Framework, RMF process, ICs business processes, security engineering, architects, systems developers, government security policy, enterprise solutions, security architectures, security threats, security risks, program life cycle, trusted relationships, external systems, architectures.

 #LI-DT1 #LI-HYBRID #LI-DNI