Lead Information Systems Security Engineer
Clifton, NJ – *Relocation Assistance Provided*
The Company
Our client is one of the largest, successful aerospace, defense and technology innovators in the world. They operate in over 100 countries and provide strategic solutions to the US, in order to protect and defend our freedoms worldwide, with advancing space access, supporting national security, civil service, and transportation safety. Their employees are passionate about their customers and their mission, as they enjoy working with cutting edge technologies and advancements that are positively impacting our society.
The Job
Our client is seeking a Lead Information Systems Security Engineer with a specialty in DOD Anti-Tamper verification. The ideal candidate will be well-versed in AT technologies and work well with integrated engineering teams.
Functions
- Expected to contribute to all System Security Engineering activities pertaining to CDRLs, trade studies, security requirements analysis, secure architecture development, management & compliance with security controls, design review milestones (SRR, SDR, PDR, CDR) and security test/verification activities.
- Ensure RMF Information Security requirements and Program Protection requirements are addressed in all phases of the System Development Lifecycle (SDLC).
- Perform functional analysis, timeline analysis, detailed trade studies, requirements derivation and allocation, and interface definition studies to translate customer Information Security requirements to engineering specifications.
- Responsible for developing security overlays, data flow diagrams, internal requirements, CONOPs and interface control documents from customer / product requirements.
- Identify security risks, threats and vulnerabilities to existing systems, applications and new technology initiatives.
- Serve as a Subject Matter Expert in the area of Product Security
- Expected to lead multiple Product Security Programs
- Enhance and Improve processes and procedures to improve technical efficiency.
Qualifications
- Active SECRET Clearance required
- Education:
- Bachelor’s Degree and minimum 9 years of prior relevant experience.
- Graduate Degree and a minimum of 7 years of prior related experience.
- In lieu of a degree, minimum of 13 years of prior related experience.
Preferred Skills
- Experience writing and managing RMF body of evidence documents (e.g., Program Protection Implementation Plan, AT Plan, System Security Plan (SSP), Security Compliance Traceability Matrix (SCTM), Key Management Plan (KMP), Risk Assessment Report (RAR), Continuous Monitoring (ConMon) Plan, Plans of Action and Milestones (POA&M), and Security Assessment Plans and Procedures (SAPP).
- Knowledge of programming languages including C/C++, Assembly, Python languages is desired.
- Experience implementing real-time embedded security-oriented solutions on Department of Defense (DoD) systems
- Experience designing, implementing, and evaluating in Anti-Tamper Solutions
- Experience interfacing with other Engineering Disciplines
- Experience in Software Assurance (SWA), Supply Chain Risk Management (SCRM) is preferred.
- Experience with commercial-off-the-shelf products
- DoD 8570.01-M IASAE Level 1 certification (e.g. CISSP).
- Experience with administration and securing Linux (RHEL/CentOS), VXWorks, Wind River Linux
- Experience identifying common threats to information systems and how compromise system integrity.
- Experience in system testing and evaluation methods and RMF assessment methodology & process.
- Experience with DOORS requirement management software
- Experience in Model-Based Systems Engineering (MBSE)
- Active Collateral TS or TS/SCI Clearance is highly desirable
Security Clearance
Please be aware this position requires a DoD Secret security clearance. Security clearances may only be granted to U.S. citizens. In addition, applicants who accept a conditional offer of employment may be subject to government security investigation(s) and must meet eligibility requirements for access to classified information.