Cyber Information Systems Security Engineer
Company: Parsons Corporation
Location: Chantilly
Posted on: June 20, 2022
|
|
Job Description:
**Minimum Clearance Required to Start:**
Top Secret SCI w/Polygraph
**Job Description:**
Ready for a challenge that will require your experience and keep
you on the edge of cyber security? Parsons is looking for a
Cybersecurity Information System Security Engineer (ISSE)
experienced in development, security, and operations (DevSecOps)
and the implementation of fundamental, sound practices for secure,
agile software development. This Cyber ISSE will ensure that
appropriate security engineering principles, concepts, methods, and
practices are applied throughout the system development lifecycle
(SDLC) to achieve customer objectives for the protection of
mission-critical assets; will reduce system vulnerabilities through
application of applicable practices such as those documented in
NIST Special Publication 800-218 Secure Software Development
Framework (SSDF).
Parsons' extensive experience in the system security engineering
field, combined with your technical DevSecOps knowledge, will
propel your career forward with opportunity for advancement with
top performance. Training, development and opportunities to switch
teams and projects as you and our fast-paced business grow and
evolve. We need our engineers to be versatile, display leadership
qualities and be enthusiastic to tackle new challenges across the
full stack as we continue to push security forward. Cyber ISSEs
design, develop, and implement leading-edge analytical and
technical methodologies, tools, and policies/standards to ensure
cyber-secure implementations of systems and environments.
Responsibilities:
+ Define system security requirements in coordination with security
stakeholders including system engineers, program managers, security
control assessors, and authorizing officials.
+ Provide independent cybersecurity advice and guidance to
government stakeholders
+ Develop or review system security designs and architectures.
+ Advise software engineers on best methods to remediate
vulnerability findings through secure practices throughout the
SDLC
+ Support engineering analysis of alternatives, tradeoffs, and risk
treatment decisions
+ Develop cybersecurity documentation in support of customer Risk
Management Framework (RMF) process; in accordance with NIST SP
800-37 Rev 2.
+ Work with interdisciplinary teams to deliver securely engineered
software as a natural result of a trusted development chain.
Qualifications:
+ Active Top Secret/SCI with Polygraph
+ 5 years minimum of system and/or security engineering work
performed in support of U.S. Government customers subject to
Intelligence Community Directive (ICD) 503.
+ (ISC)2 Certified Information System Security Professional (CISSP)
certification.
+ Experience implementing secure development practices in keeping
with NIST SP 800-218 guidelines
+ Experience supporting secure agile development using industry
standard automation tools such as GitLab, Jenkins, Jira, OWASP,
etc.
+ Experience defining system security requirements in coordination
with security stakeholders including system engineers, program
managers, security control assessors, and authorizing
officials.
+ Experience providing independent cybersecurity advice and
guidance to government stakeholders
+ Experience developing and/or reviewing system and software
security designs and architectures.
+ Ability to advise software engineers on best methods to remediate
vulnerability findings throughout the SDLC
+ Ability to support engineering analysis of alternatives,
tradeoffs, and risk treatment decisions
+ Experience creating and supporting secure development
capabilities to include strong performance in maintaining patch
management
+ Knowledge of Cloud (i.e. Azure, Amazon C2S, Commercial and
GovCloud) security planning, design, and operations
+ Experience with the development of secure containerized
microservices and containers
+ Strong initiative and communication skills
+ Ability to explain complex cybersecurity issues to a diverse
audience in layman's terms
+ Experience implementing or assessing cybersecurity solutions
using technologies such as: Nessus, WebInspect
+ Some ability to travel in support of program activities
ADDITIONAL PREFERRED EXPERIENCE:
+ Experience presenting verbal/written communications to Senior
leadership including ISSMs, ISOs, security directors
+ Experience with systems engineering lifecycle processes
+ Act as an advisor the Government ISSM on ATO extensions, body of
evidence reviews
+ Participating in RFC/CCB reviews as voting member for Government
customer programs
+ Experience guiding systems through the approval process per
NIST-800-37 RMF
Must be able to obtain, maintain and/or currently possess a
security clearance.
The position may require a COVID vaccination or an approved
accommodation/exemption for a disability/medical condition or
religious belief as required by federal, state, provincial or local
mandates or customer requirements.
About Us
Parsons is a digitally enabled solutions provider focused on the
defense, security, and infrastructure markets. With nearly 75 years
of experience, Parsons is uniquely qualified to deliver
cyber/converged security, technology-based intellectual property,
and other innovative services to federal, regional, and local
government agencies, as well as to private industrial customers
worldwide.
Parsons is an equal opportunity, drug-free employer committed to
diversity in the workplace. Minority/Female/Disabled/Protected
Veteran/LGBTQ+.
For more about Parsons, visit parsons.com and follow us on
Facebook, Twitter, LinkedIn, and YouTube.
Keywords: Parsons Corporation, Chantilly , Cyber Information Systems Security Engineer, IT / Software / Systems , Chantilly, Virginia
Click
here to apply!
|