Amarx Search, Inc.    

Direct Placement position in Herndon, VA
Position ID: 2216

An excellent position with a large defense technology company delivering innovative mission solutions

* Lead Information Systems Security Engineer - TS-SCI *

Please apply ONLY if you have an active TS/SCI clearance and 9 years of relevant experience

You must currently be a United States Citizen (government related work)

Visa sponsorship is not available for this position

We can ONLY consider your application if you have:

1: Active Top Secret//SCI Security Clearance
2: Bachelor's Degree or Masters Degree
3: 9+ years of relevant experience (7 with Masters)
4: DOD 8570.01M IAT 3 Certification
5: Experience in writing and managing RMF body of evidence documents (e.g., System Security Plan (SSP), Security Compliance Traceability Matrix (SCTM), Risk Assessment Report (RAR), Continuous Monitoring (ConMon) Plan, and Security Assessment Plans and Procedures (SAPP)).
6: Experience in securing operating systems (Windows, Linux, Cisco IOS, etc.), applications (REST API, GMSEC, etc), and databases (MySQL, Mongo, etc).
7: Experience with application of Secure Template Implementation Guides (STIGs).
8: Experience in configuration and use of cyber defense and vulnerability assessment tools such as ACAS and SCC
9: Familiarity with Continuous Integration/Continuous Deployment (CI/CD), agile system development, and DevSecOps tools and processes.
10: Experience in accrediting cross-domain systems.
11: Experience in Model-Based Systems Engineering (MBSE)
12: Strong written and oral communication skills.
13: Principles of data flows (e.g., TCP/IP, OSI model).
14: Able to travel up to 20%
15: Able to work onsite.

DESIRED (not required) SKILLS:
:: Experience in the content development and administration of SEIM/audit reduction tools (e.g., Splunk).
:: Top Secret//SCI w/CI Poly is desirable.
:: DOD 8570.01M IASAE 3 certification is desired.
:: Strong understanding of engineering processes, concepts and information security systems engineering principles (NIST SP 800-160 Vol1).
:: System test and evaluation methods and RMF assessment methodology & process.
:: Experience in Cyber Defense technologies.
:: Experience with CI/CD, agile system development, and DevSecOps tools and processes.
:: Understanding of system vulnerabilities and exploitation.

Duties and Responsibilities
== Provide leadership and technical execution support of information security activities associated with the authorization and accreditation (A&A) of information systems and data using NIST Risk Management Framework (RMF) (and derivative) processes, to include those processes used for SAP accreditations.
== Support security engineering activities, including basis of estimate development, requirements development, design, test, configuration management and maintenance of information systems and data.
== Assist program security in the development of, policies and procedures for, emerging security technologies and proposals.
== Support security certification and vulnerability assessment activities as required.
== Support the evaluation, qualification, testing and delivery of security architecture improvement, obsolescence replacement and vulnerability response projects.
== Support information assurance data collection and continuous monitoring activities for assigned information systems.

Please send resume as a Microsoft Word attachment to

Amarx Search, Inc.