Information Systems Security Engineer (ISSE) Journeyman

Location: JBSA, Lackland, TX (Situational telework eligible)

Clearance: TS Clearance, SCI Eligible

Education: BA/BS in Cybersecurity, Computer Science or related field (or AA/AS in a related field plus an additional 4 years of related work experience)

Outcomes:

The successful candidate is expected to accomplish the following outcomes during the first year in the position:

· Formally track all tasks, to include assigned by, suspense, status, and comments on all assigned tasks through completion and be prepared to brief upon request.

· Develop digital continuity folders and files that include standard operating procedures, workflows and POC lists to accomplish all tasks.

· Create 2-3 products beyond the client’s requirements that positively impact the client to either increase efficiency, effectiveness, or innovation.

· Master position tasks within 60 days and exceed requirements within 90 days.

Responsibilities:

The Information Systems Security Engineer – Journeyman provides hands-on Information Systems Security Engineering for JBSA-Ackland Director of the Air Force, Counter Insider Threat (DAF C In T) program. The ISSE-Journeyman, assists with hands- on cybersecurity-related systems activities in support of the Senior ISSM. The ISSE will design and implement secure system architectures to protect SAF/OC information systems from cyber threats. The ISSE will work closely with ISSMs, ISSOs, and IT teams to integrate security controls and ensure compliance with RMF, NIST 800-53, and DoD security standards. The ISSE Journeyman is responsible for designing, implementing, and maintaining security controls to protect the organization's information systems in accordance with Department of Defense (DoD) requirements. This role will be the technical component supporting the Senior ISSM. Per PWS section 1.3.9, Cybersecurity Support, specific tasks and responsibilities include but are not limited to:

Specific responsibilities include but are not limited to:

· Provide professional hands on support and solutions to address system security improvements and implementation of compliance in support of the Information System Security Manager (ISSM).

· Analyze and identify system, subsystem, and component vulnerabilities to determine applicable controls, testing, and other potential information assurance solutions and safeguards consistent with the RMF guidance provided.

· Assist with development and entry of RMF data and information in the XACTA (JWICS/COE & higher classified systems) and eMASS (NIPR & SIPR Systems) applications, as applicable.

· Support the Risk Management Framework (RMF) process,

· Support system authorization process,

· Support the Cyber Incident Handling process,

· Support the System Life Cycle Management Processes (e.g. Engineering Change and Configuration Management),

· Assist with Vulnerability management and detection, Malware Protection, and Security Assessments, Evaluations, and Reviews.

· Provide continuous monitoring,

· Assist with the Department of Defense Information Network (DODIN) Connection Approval Process

· Coordinate with the Cybersecurity Service Provider (CSSP).

· Assist with documenting and production of cybersecurity assessments, security impact analysis, and system authorization of JBSA- DAF C In T Information Systems.

· Assist with submission of documentation and organize artifacts in the appropriate repository per JBSA-Lackland guidance.

• Assist with develop secure system architectures and hardening solutions.
• Conduct vulnerability assessments, security testing, and continuous monitoring.
• Implement security controls per RMF and NIST guidelines.
• Assist with risk assessments and incident response efforts.
• Apply security controls and all technical mechanisms required by DoD RMF/Joint Special Access Program Implementation Guide (JSIG)/and Intelligence Community (IC) Directives and building security assessment procedures and evidence for assessment by Authorizing Officials of body of evidence.
• Engineering, administration, and configuration of Nessus scans and policies, Trellix/McAfee back end and policies, Splunk and Elastic SIEM administration, engineering, and query languages (SPL, SQL, or ES/QL) for analysis.
• Identify and analyze information system vulnerabilities and compliance issues.
• Administration of AWS cloud console and cybersecurity mechanisms, and STIG/SCAP compliance checker.
• Execute incident response as necessary
• Provide detailed analysis, evaluation, and recommendations for improvements, optimization, and/or maintenance efforts for specified mission-critical challenges/issues as related to system vulnerabilities and remediation.
• Participate in project performance review meetings and discussions.
• Support a cross-functional teams with cybersecurity support and assistance.

Qualifications:

The candidate must have the following qualifications:

• Minimum of five (5) years of work-related experience, to include supporting cybersecurity related processes, cybersecurity assessments, and initiating and evaluating system security.
• Of those 5 years, at least four (4) years of work-related experience supporting a component of the DoD.
• Experience supporting technical security of military systems with at least one of the following: experience in coalition operations, multi-level security solutions, or bilateral military information sharing.
• Experience in at least two and familiar with all of the following processes: Risk Management Framework (RMF) and system authorization, Cyber Incident Handling, System Life Cycle Management Processes (e.g. Engineering Change and Configuration Management), Vulnerability Management, Malware Protection, Security Assessments, Evaluations and Reviews, Continuous Monitoring, DODIN Connection Approval Process, and Cybersecurity Service Provider (CSSP) processes.

· Very good oral, written, and interpersonal communication skills.

Required Certifications:

• Personnel shall be IAT Level II certified in accordance with DoD 8570.01-M.

· IAM Level III certification (i.e. CAP, CASP+CE, CISM, CISSP, GSLC, or CCISO) CEH preferred.

The following qualifications are desired:

• Experience as a staff officer (e.g. DoD staff, Service Staff, CCMD staff, Joint Staff, or equivalent.

Travel: Some local travel may be expected.

Other Requirements: