Information System Security Engineer - Senior
Company: L3Harris Technologies
Location: Colorado Springs
Posted on: September 24, 2024
|
|
Job Description:
Job Title: Specialist, Information Security Systems Engineer Job
Code: 16056
Job Location : Colorado Springs, CO
Job Description :
Applies current systems security engineering methods, practices and
technologies to the architecture, design, development, evaluation
and integration of systems and networks to maintain system
security. Works closely with Government customers to ensure that
the security protection needs, concerns and requirements are
defined and implemented with appropriate fidelity and rigor, early
and in a sustainable manner throughout the life cycle of system
that will allow for the security authorization of the system of
interest. Works with systems developers or commercial product
vendors in the design and evaluation of state-of-the-art secure
systems, networks, and database products. Uses methods such as
encryption technology, vulnerability analysis and security
management. Responsible for integration of multiple methods into a
cohesive system security perimeter and environment and the policies
and procedures necessary to monitor and maintain such an
environment. Will prepare Certification and Accreditation
documentation, using multiple standards under RMF and derivative
processes (DOD 8510, JSIG, ICD-503, CNSSI 1253), to achieve
security authorization of supported systems. Represents program
security needs, concerns and requirements at customer meetings.
Essential Functions:
Experience in Risk Management Framework (RMF) accreditation and
authorization (A&A) processes to include RMF steps 1-4
(categorization, controls selection, control implementation,
security assessment) and standard body of evidence (BoE) package
development.
Experience in DoD software selection and approval processes for
COTS, GOTS and FOSS.
Experience in the application of DISA SRGs and STIGs.
Support security engineering activities, requirements development,
design, test, configuration management and maintenance of
information systems and data.
Assist program security in the development of policies and
procedures.
Support vulnerability assessment activities as required.
Support the evaluation, qualification, testing and delivery of
security architecture improvement, obsolescence replacement and
vulnerability response projects.
Experience in configuration and use of cyber defense and
vulnerability assessment tools to include ACAS.
Strong understanding of threats, vulnerabilities, and risk.
Work is 100% on-site and cannot be accomplished remotely.
Qualifications :--
- Bachelor's Degree and minimum 4 years of prior relevant
experience. Graduate Degree and a minimum of 2 years of prior
related experience. In lieu of a degree, minimum of 8 years of
prior related experience.
-8140.03M IAT-2.
Preferred Additional Skills:
Windows and Linux system administration skills.
Experience in the content development and administration of
SEIM/audit reduction tools (e.g., Splunk).
DOD 8570.01M IASAE-1 certification is desired.
Strong understanding of engineering processes, concepts and
information security systems engineering principles (NIST SP
800-160 Vol1).
Understanding of security control inheritance in terms of IaaS,
PaaS and SaaS relationships.
Experience with A&A package processing in eMASS
System test and evaluation methods and RMF assessment methodology &
process.
Experience in Cyber Defense technologies.
Experience with CI/CD, agile system development, and DevSecOps
tools and processes.
Understanding of system vulnerabilities and exploitation.
General kn owledge of common threats to information systems and how
compromise would damage system integrity.
Scripting experience (Bash/Shell, Python, Perl, PowerShell).
Experience in application hardening through code scanning (with
tools like Coverity/Fortify) and mitigating findings.
Top Secret clearance is highly desired.
------------
In compliance with pay transparency requirements, the salary range
for this role is $74,000 - $138,000. This is not a guarantee of
compensation or salary, as final offer amount may vary based on
factors including but not limited to experience and geographic
location. L3Harris also offers a variety of benefits, including
health and disability insurance, 401(k) match, flexible spending
accounts, EAP, education assistance, parental leave, paid time off,
and company-paid holidays. The specific programs and options
available to an employee may vary depending on date of hire,
schedule type, and the applicability of collective bargaining
agreements.
The application window for this requisition is anticipated to close
August 31, 2024.
Keywords: L3Harris Technologies, Lakewood , Information System Security Engineer - Senior, IT / Software / Systems , Colorado Springs, Colorado
Click
here to apply!
|