This listing has expired and therefore is not publicly viewable.
|Company||General Dynamics Information Technology|
|Location||Springfield, VA or Chantilly, VA or Buckley AFB, CO|
|Preferred GIAC Certifications||GSEC, GCIH, GPEN|
|Contact Name||Andrew Roth|
An Information Assurance Engineer (IAE) (also known as an Information Systems Security Engineer (ISSE)) is responsible for conducting information systems security engineering activities throughout the acquisition lifecycle and to help ensure that the security requirements of systems are met. IAEs are responsible for capturing and refining information protection requirements to ensure their integration into the development of information systems through purposeful security design or configuration. The IAE focuses on security theories, principles and practices of systems security engineering from a lifecycle perspective and integrates security functional requirements into existing acquisition phases, milestones, and deliverables using systems security engineering methodologies in accordance with NIST SP 800-160. IAEs are required to derive security requirements, design and develop secure systems, and analyze the security posture of deployed systems. Risk assessment and mitigation strategies are applied by the IAE in accordance with the Risk Management Framework defined by the National Institute of Standards and Technology (NIST) and regulatory directives and guidelines for federal information systems and national security systems, e.g., NIST SP 800-53, CNSS Instruction 1253. Personnel shall be knowledgeable of best practices when implementing security controls including software engineering methodologies, security engineering principles, and secure coding techniques. The IAE is also responsible for coordinating activities with assessment and authorization ((A&A) also known as certification and accreditation (C&A)) stakeholders.
Included within the years of relevant experience, the IAE shall possess the following minimum qualifications:
a. Knowledge of and experience with DCID 6/3 and ICD 503 and the Government's certification and accreditation process;
b. Networks, computer components, system protocols, and COTS technology;
c. System methodologies including: client/server, web hosting, web content servers, policy servers, directory servers, firewalls, WAN, MAN, LAN, switches, and routers;
d. Software integration of COTS and Government Off-the-Shelf (GOTS) products;
e. VMware, Xen, Hyper V and other virtualization platforms
f. Technical experience in:
i. Configuring and supporting, at a minimum, Windows, Linux, Unix, Mac OS;
ii. Configuring and supporting, at a minimum, VMware, Xen, Hyper V;
iii. Software engineering;
iv. Program design and implementation;
v. Configuration management;
vi. System maintenance;
vii. Integration testing; and
viii. Information system engineering.
Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.
Must have IASAE Level III Certification. ie. CISSP-ISSEP or CISSP-ISSAP
10-15 years of related experience in data security administration.