Information System Security Engineer #5145

The Information System Security Engineer (ISSE/ISSO) position will function as an integral member of the GIS program team. Overall, the GIS team is responsible to provide assessment, planning, designing, development, deployment, training, and transition to operations activities related to maturing the USAID’s GIS infrastructure, capabilities, and service offerings utilized by USAID’s Bureaus and external partners.  In this role, the ISSE provides security management oversight to all GIS activities occurring within the program scope.  The role is expected to have interaction and coordination with the USAID IA group to ensure compliant, certified solutions are developed and implemented. 

Activities may include correlation of threat data from various sources to establish the identity and modus operandi of hackers active in client’s networks and posing a potential threat. Provides the customer with assessments and reports facilitating situational awareness and understanding of current cyber threats and adversaries. Develops cyber threat profiles based on geographic region, country, group, or individual actors. Produces cyber threat assessments based on entity threat analysis. May provide computer forensic and intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments. Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption.

 Examples of work activity:

• Manage Security Assessment and Authorization (SA&A) package: Create, draft, and maintain SA&A document
• Provide assessment support working toward an approved Authority to Operate (ATO)
• Comply with USAID, Government and industry Information Assurance (IA) standards, policies, guidelines, and best practices
• Responsible for Systems security, testing and system accreditation activities
• Apply information technology security principles and configure security settings, complete weekly system audit, apply security patches and conduct reviews
• Assist in the development and implementation of government approved information security procedures and plans for the operation of multiple networked and standalone classified computers, and coordinate government agency approvals.
• Consult on the design, development, integration, and analysis of classified computing systems with the project design and implementation staff
• Assist with self-inspection reviews
• Assist in conducting comprehensive investigation of security incidents
• Collaborates with intrusion analysts to identify, report on, and coordinate remediation of cyberthreats to the client.
• Provides timely and actionable sanitized intelligence to cyber incident response professionals.
• Leverages technical knowledge of computer systems and networks with cyber threat information to assess the client’s security posture.
• Conducts intelligence analysis to assess intrusion signatures, tactics, techniques and procedures associated with preparation for and execution of cyber attacks.
• Researches hackers, hacker techniques, vulnerabilities, exploits, and provides detailed briefings and intelligence reports to leadership.

Required Skills and Experience

• Bachelor’s with 8+ years (or commensurate experience)
• Minimum Certification Requirements: CISSP
• Must have a minimum of five (5+) years of experience with all phases of Information Assurance and accreditation processes, securing IT systems and services using Government and industry IA standards, policies, guidelines, and best practices.
• Demonstrated experience successfully managing information security risks to include completing the entire A&A process including receiving Authority to Operate (ATO) for the cloud.
• Experience supporting vulnerability scanning tools
• Experience performing Security Operations in environments with 10,000+ endpoints
• Working knowledge of network security
• 5+ years of experience producing IAT-Related documentation and governance materials
• 5+ years of experience conducting Assessment and Authorization (A&A) using Risk Management Framework (RMF) activities
• US Citizenship

Preferred Skills and Experience

• Understanding of federal ISSO process

• Zero Trust Architecture
• NextGen Firewalls, specifically Palo Alto
• Encryption and PKI
• Dynamic Access Control / Identity Management
• Azure AD
• Splunk (or other SIEMs including ELK and Google Chronicle)
• Cisco Network Security (including Cisco Tetration, Cisco ISE)
• AWS / Azure security function (e.g., Azure Security Center)
• Endpoint Device Health and Forensics

• 5-10 years of Identity and Network security design and implementation
• Understanding of Trusted Internet Connection version 3 standards and migration path
• 2-5 years of Cloud Access Security Broker (CASB) experience
• Other certifications preferred: CCSP, CISM, GSLC, CISA, CASP, or equivalent from issuing bodies: (ISC)², Comp TIA, ISACA, GIAC, CISCO, EC-Council, IAPP, or equivalent.
• Active Secret Clearance highly preferred