Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Jobs - Information Assurance Engineer TS SCI w Polygraph Clearance Springfield, VA or Chantilly, VA or Buckley AFB, CO GSEC, GCIH, GPEN InfoSec Jobs

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This listing has expired and therefore is not publicly viewable.

Information Assurance Engineer TS/SCI w/Polygraph Clearance
Company General Dynamics Information Technology
Location Springfield, VA or Chantilly, VA or Buckley AFB, CO
Preferred GIAC Certifications GSEC, GCIH, GPEN
Travel 0%
Salary Not provided
URL Not provided
Contact Name Andrew Roth
Contact Email andrew.roth/at/
Expires 2015-08-23

Job Description

An Information Assurance Engineer (IAE) (also known as an Information Systems Security Engineer (ISSE)) is responsible for conducting information systems security engineering activities throughout the acquisition lifecycle and to help ensure that the security requirements of systems are met. IAEs are responsible for capturing and refining information protection requirements to ensure their integration into the development of information systems through purposeful security design or configuration. The IAE focuses on security theories, principles and practices of systems security engineering from a lifecycle perspective and integrates security functional requirements into existing acquisition phases, milestones, and deliverables using systems security engineering methodologies in accordance with NIST SP 800-160. IAEs are required to derive security requirements, design and develop secure systems, and analyze the security posture of deployed systems. Risk assessment and mitigation strategies are applied by the IAE in accordance with the Risk Management Framework defined by the National Institute of Standards and Technology (NIST) and regulatory directives and guidelines for federal information systems and national security systems, e.g., NIST SP 800-53, CNSS Instruction 1253. Personnel shall be knowledgeable of best practices when implementing security controls including software engineering methodologies, security engineering principles, and secure coding techniques. The IAE is also responsible for coordinating activities with assessment and authorization ((A&A) also known as certification and accreditation (C&A)) stakeholders.

Included within the years of relevant experience, the IAE shall possess the following minimum qualifications:
a. Knowledge of and experience with DCID 6/3 and ICD 503 and the Government's certification and accreditation process;
b. Networks, computer components, system protocols, and COTS technology;
c. System methodologies including: client/server, web hosting, web content servers, policy servers, directory servers, firewalls, WAN, MAN, LAN, switches, and routers;
d. Software integration of COTS and Government Off-the-Shelf (GOTS) products;
e. VMware, Xen, Hyper V and other virtualization platforms
f. Technical experience in:
i. Configuring and supporting, at a minimum, Windows, Linux, Unix, Mac OS;
ii. Configuring and supporting, at a minimum, VMware, Xen, Hyper V;
iii. Software engineering;
iv. Program design and implementation;
v. Configuration management;
vi. System maintenance;
vii. Integration testing; and
viii. Information system engineering.

Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.

Must have IASAE Level III Certification. ie. CISSP-ISSEP or CISSP-ISSAP

10-15 years of related experience in data security administration.