Lead, Information Security Systems Engineer - TS/SCI - Chantilly, VA
Company: L3Harris
Location: Chantilly
Posted on: March 17, 2023
|
|
|
Job Description:
Description:
Job Title: Information Security Systems Engineer
Job Code: SAS20232301-96024
Job Location: Chantilly, VA
Job Description:
Applies current systems security engineering methods, practices and
technologies to the architecture, design, development, evaluation
and integration of systems and networks to maintain system
security. Works closely with Government customers to ensure that
the security protection needs, concerns and requirements are
defined and implemented with appropriate fidelity and rigor, early
and in a sustainable manner throughout the life cycle of system
that will allow for the security authorization of the system of
interest. Works with systems developers or commercial product
vendors in the design and evaluation of state-of-the-art secure
systems, networks, and database products. Uses methods such as
encryption technology, vulnerability analysis and security
management. Responsible for integration of multiple methods into a
cohesive system security perimeter and environment and the policies
and procedures necessary to monitor and maintain such an
environment. Will prepare Certification and Accreditation
documentation, using multiple standards under RMF and derivitive
processes (DOD 8510, JSIG, ICD-503, CNSSI 1253), to achieve
security authorization of supported systems. Represents program
security needs, concerns and requirements at customer meetings.
Essential Functions:
Experience in Static Application Security Testing (SAST) for
Application Security and Development STIG compliance using tools
such as Fortify and Gitlab as part of a DevSecOps Continuous
Integration/Continuous Deployment (CI/CD) Pipeline, and generation
of summary reports.
Experience in Risk Management Framework (RMF) accreditation and
authorization (A&A) processes to include RMF steps 1-4
(categorization, controls selection, control implementation,
security assessment) and standard body of evidence (BoE) package
development.
Understanding of security control inheritance in terms of IaaS,
PaaS and SaaS relationships.
Experience with Cross Domain Solutions
Experience in DoD software selection and approval processes for
COTS, GOTS and FOSS.
Experience in the application of DISA SRGs and STIGs.
Support security engineering activities, including basis of
estimate development, requirements development, design, test,
configuration management and maintenance of information systems and
data.
Assist program security in the development of policies and
procedures for emerging security technologies.
Support vulnerability assessment activities as required.
Support the evaluation, qualification, testing and delivery of
security architecture improvement, obsolescence replacement and
vulnerability response projects.
Experience in configuration and use of cyber defense and
vulnerability assessment tools such as ACAS and SCC.
Work is 100% on-site and cannot be accomplished remotely.
Qualifications:
Education:
Bachelor's Degree and minimum 9 years of prior relevant experience,
or
Graduate Degree and a minimum of 7 years of prior related
experience.
Top Secret / SCI security clearance required.
DOD 8570.01M IAT-3 or IASAE-2 certification.
Preferred Additional Skills:
Experience in Model-Based Systems Engineering (MBSE).
Experience in the content development and administration of
SEIM/audit reduction tools (e.g., Splunk).
DOD 8570.01M IASAE-3 certification is desired.
Strong understanding of engineering processes, concepts and
information security systems engineering principles (NIST SP
800-160 Vol1).
System test and evaluation methods and RMF assessment methodology &
process.
Experience in Cyber Defense technologies.
Understanding of system vulnerabilities and exploitation.
Top Secret / SCI with an active Poly is highly desired.
L3Harris Technologies is proud to be an Affirmative Action/Equal
Opportunity Employer. L3Harris is committed to treating all
employees and applicants for employment with respect and dignity
and maintaining a workplace that is free from unlawful
discrimination. All applicants will be considered for employment
without regard to race, color, religion, age, national origin,
ancestry, ethnicity, gender (including pregnancy, childbirth,
breastfeeding or other related medical conditions), gender
identity, gender expression, sexual orientation, marital status,
veteran status, disability, genetic information, citizenship
status, characteristic or membership in any other group protected
by federal, state or local laws. L3Harris maintains a drug-free
workplace and performs pre-employment substance abuse testing and
background checks, where permitted by law.
Keywords: L3Harris, Chantilly , Lead, Information Security Systems Engineer - TS/SCI - Chantilly, VA, IT / Software / Systems , Chantilly, Virginia
|
Click
here to apply!
|
