The Senior Security Engineer will interpret DoD IA policies and provide IA support for U.S. Marine Corps’ (USMC) systems following USMC, DoD, DoN, FISMA, and NIST guidelines.
Certification and Accreditation
• Practical experience with DIACAP (DoD 8510.01) activities and artifacts.
• Experience building and maintaining DIACAP artifacts to include; System Security Plans, Incident Response Plans, Contingency Plans and Exercises, Continuity of Operations Plan, Risk Management Plan and Vulnerability Management Plan.
• Knowledge of IA Best Practices related to the following technologies; Windows Server Operating Systems, Microsoft Database Management Systems, Microsoft Web Technologies, Network Infrastructure and Application Security.
• Experience directing remediation efforts, building Residual Risk Reports and tracking POA&Ms.
• Experience performing Privacy Impact Assessments (PIA) and enacting best practices protecting Personally Identifiable Information (PII).
• Experience writing white papers and communicating technical solutions in non-technical terms.
• Practical experience using Retina, Gold Disk, and web assessment tools.
• Practical experience managing IAVA compliance and DISA STIG/SRG implementation.
• Practical experience with threat models, SCAP compliance tools, SRTMs, and Xacta are a plus
• Practical experience using HBSS ePO Server Management Console
• Strong technical writing and presentation skills.
• Knowledge of USMC/DoN/DOD policies.
• IA Policy development at the project level.
• Ability to build and execute Technical/Non-Technical test-scripts.
Minimum 5 years of Information Technology experience, including 3 years direct experience in information security / information assurance.
BS degree in Computer Science, Information Systems, Engineering, or related field preferred. Commensurate work experience considered.
Must meet DoD 8570.01-M (IAM Level III) requirements. GSLC, CISM, or CISSP.
U.S. Citizen required.
Secret clearance required.