Lead, Information Security Systems Engineer Secret - Palm Bay, FL
Company: L3Harris Technologies
Location: Palm Bay
Posted on: October 29, 2024
|
|
Job Description:
Job Title: Information Security Systems EngineerJob Code:
15143Job Location: Palm Bay, FLJob Description: Applies current
Systems Security Engineering methods, practices, and technologies
to the architecture, design, development, evaluation, and
integration of systems and networks to maintain system security.
Works closely with Government customers to ensure that the security
protection needs, concerns, and requirements are defined and
implemented with appropriate fidelity and rigor, early and in a
sustainable manner throughout the life cycle of system that will
allow for the security authorization of the system of interest.
Works with systems developers or commercial product vendors in the
design and evaluation of state-of-the-art secure systems, networks,
and database products. Uses methods such as encryption technology,
vulnerability analysis, and security management. Responsible for
integration of multiple methods into a cohesive system security
perimeter and environment and the policies and procedures necessary
to monitor and maintain such an environment. Will prepare
Certification and Accreditation documentation, using multiple
standards under RMF and derivative processes (DOD 8510, JSIG,
ICD-503, CNSSI 1253), to achieve security authorization of
supported systems. Represents program security needs, concerns and
requirements at customer meetings.Responsibilities:Work with a team
of driven, supportive and highly skilled subject matter experts to
shape program planning, test planning, technical designs, and
acquisition strategies. Provide expertise on technology maturation
and protection strategies; mission analyses; systems engineering
and integration reviews; technical risk mitigation; requirements
development; and inform acquisition milestones and modernization
investment decisions. Support the development and application of
system security engineering, and program protection plans. Liaison
with the Anti Tamper Executive Trainer and Agent throughout program
lifecycle.Essential Functions:Program Protection and System
Security Engineering experience to include support of accreditation
activities.Systems integration/systems level engineering experience
with DOD weapons or sensor systems, including electronic design,
analysis or system test or system integration.Familiar with
electronic components found in modern systems, including Integrated
Circuit, FPGAs and ASIC technologies.Knowledgeable of protection
features and devices, system development processes, or system level
testing a plus.Owns the development and maturation of security
features for productsCollaborates and builds solutions with
engineering teams to meet and exceed system security goalsSimulate
and analyze attacks paths against products and integrated
components to uncover potential weaknessesCollaborates with
manufacturing and operations teams to develop secure handling and
operational processesEngages with teams to remediate uncovered
weakness in designs, implementations, integrations, and processesAn
understanding and the use of the application of DoDI 8500.01, DoDI
8510, DoDI 5200.39, DoDI 5200.44, DoDI 4140.67, NIST 800-53, NIST
800-171, NIST Handbook 162, and Risk Management Framework (RMF)/
DoD Cybersecurity Certification and Accreditation
activitiesExperience with DoD environment to include a
comprehensive understanding of DoD acquisition and system security
engineering policiesStrong knowledge of the DoD weapon system
acquisition and Systems Engineering processes defined in DoD policy
and guidanceExperience with Anti-Tamper, DoDD 5200.47E Excellent
interpersonal and communication (oral and writing) skills Must have
experience in using critical thinking to prepare written reports
and presentations for senior-level officialsExperience with A&A
package processing.Experience in DoD software selection and
approval processes for COTS, GOTS and FOSS.Support security
engineering activities, including basis of estimate development,
requirements development, design, test, configuration management
and maintenance of information systems and data.Assist program
security in the development of policies and procedures for emerging
security technologies.Support vulnerability assessment activities
as required.Support the evaluation, qualification, testing and
delivery of security architecture improvement, obsolescence
replacement and vulnerability response projects.Experience with
Security Testing and VerificationWork is to be accomplished 100%
onsite, in a lab environment, no options for remote
support.Qualifications: -Education:Bachelor's Degree and minimum 6
years of prior relevant experience. Graduate Degree and a minimum
of 4 years of prior related experience. In lieu of a degree,
minimum of 10 years of prior related experience.Program Protection
and System Security Engineering experience.Active Collateral Secret
ClearanceMust be able to obtain and maintain a DOD 8140
certification (or NIST 800-181), appropriate for the position
within 6-months of start. Preferred Additional Skills:Experience in
Static Application Security Testing (SAST) for Application Security
and Development STIG compliance using tools such as Fortify and
Gitlab as part of a DevSecOps Continuous Integration/Continuous
Deployment (CI/CD) Pipeline, and generation of summary
reports.Experience in configuration and use of cyber defense and
vulnerability assessment tools such as ACAS and SCC.Experience in
Model-Based Systems Engineering (MBSE).NSA Type 1 Certification of
cryptographic high value products.Experience with NSA High
Assurance products and IASRD requirements.Understanding of security
control inheritance in terms of IaaS, PaaS, and SaaS
relationships.Experience in the application of DISA SRGs and
STIGs.Windows and Linux system administration skills.Experience in
the content development and administration of SEIM/audit reduction
tools (e.g., Splunk).DOD 8570.01M IASAE II or IAT II Certification
is desired.Strong understanding of engineering processes, concepts
and information security systems engineering principles (NIST SP
800-160 Vol1).Experience in Cyber Defense technologies.Experience
with CI/CD, agile system development, and DevSecOps tools and
processes.Understanding of system vulnerabilities and
exploitation.Active TS/SCI Clearance is highly desired. -
Keywords: L3Harris Technologies, Port Orange , Lead, Information Security Systems Engineer Secret - Palm Bay, FL, IT / Software / Systems , Palm Bay, Florida
Click
here to apply!
|