Information System Security Engineer

Company: CAE
Location: Arlington
Posted on: March 16, 2023

Job Description:

Job Description Summary Seeking an experienced cybersecurity professional to provide technical expertise for the design, development, integration, testing, and fielding of Department of Defense (DoD) compliant Information Systems and solutions used in military training systems. Essential Duties and Responsibilities Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Implement security and anti-tamper controls into training and simulation solutions
• Define DoD cybersecurity and anti-tamper requirements and interact with external stakeholders to refine/derive/allocate security control requirements
• Perform trades studies, cost analysis, risk assessments, impact analysis, and effectiveness studies
• Customize cybersecurity solutions based on cost and effectiveness
• Assist programs and monitor program execution throughout product development lifecycle to ensure cyber and anti-tamper objectives are met
• Lead, advise, and educate engineers on cybersecurity and anti-tamper concepts and solutions
• Prepare briefings to obtain approvals by government agencies for contracted efforts
• Perform cybersecurity tasks in each phase of the Risk Management Framework (RMF)
• Create entire authorization packages to obtain an Authority to Operate (ATO) for DoD Information Systems
• Interact with System Program Office and Authorizing Official key personnel during all phases of the RMF
• Support Information System Security Managers and Officers (ISSM/ISSO) during Continuous Monitoring Phase of the RMF as technical Subject Matter Expert
• Applies current systems security engineering methods, practices and technologies to the architecture, design, development, evaluation and integration of systems and networks to maintain system security
• Works closely with Government customers to ensure that the security protection needs, concerns and requirements are defined and implemented with appropriate fidelity early and in a sustainable manner throughout the life cycle of system that will allow for the security authorization of the system of interest
• Works with systems developers or commercial product vendors in the design and evaluation of state-of-the-art secure systems, networks, and database products
• Uses methods such as encryption technology, vulnerability analysis and security management
• Responsible for integration of multiple methods into a cohesive system security perimeter and environment and the policies and procedures necessary to monitor and maintain such an environment
• Will prepare Certification and Accreditation documentation, using multiple standards such as DITSCAP, NIACAP, DCID 6/3, Common Criteria, and NIST 800-37, to achieve security authorization of supported systems. Represent program security needs, concerns and requirements at customer meetings QUALIFICATIONS AND EDUCATION REQUIREMENTS
  • Bachelor's degree in a technical field, such as Cybersecurity, Electrical Engineering, Systems Engineering, or Computer Science
  • Possess an active IASAE level II or III certification in accordance with DoDD 8140.01, Cybersecurity Workforce Management and DoD 8570.01-M, Information Assurance Workforce Improvement Certification
  • 10+ years of relevant experience in fields of cybersecurity, anti-tamper, or engineering computer technology
  • Experience creating authorization packages for DoD Information Systems
  • Experience implementing security controls
  • Experience with security control testing to include use of vulnerability and compliance scanners, creating test reports, and analyzing test results
  • In-depth knowledge of all phases of the RMF
  • Knowledge of all phases of the Systems Development Lifecycle
  • Knowledge of NIST 800-53 security controls including their implementation and testing
  • Interpersonal soft skills to effectively and smoothly interact with both internal and external stakeholders
  • Experience in requirements management to include deriving, allocating, and tracing
  • Ability to work alone or in a team environment
  • Self-motivated with substantial problem-solving abilities
  • Proficiency with Microsoft Office products
    • Due to U.S. Government contract requirements, only U.S. citizens are eligible for this role. Preferred Skills
      • Possess an active security clearance
      • JSIG compliance and implementation experience
      • Proficiency in anti-tamper techniques for verification and protection of Critical Program Information (CPI) per DoDI 5200.39
      • Systems Administrator, Software Engineering, and/or Network Engineering Experience
      • Significant knowledge of Security Technical Implementation Guides (STIGs)
      • Masters Degree in a technical field
      • Design and Architect experience of cybersecurity solutions
      • Multiple DoD 8570.01-M certifications
      • Prior experience utilizing systems engineering principles for requirements on a technical effort
      • Previous experience developing and accessing various artifacts such as SOWs, requirements, and test documents
      • Experience with DOORS requirements management software
      • Experience in eMASS and Xacta RMF flow software
      • Experience in cybersecurity activities associated with aircraft and aircraft simulators/training devices
      • Ability to travel up to 15% Security Responsibilities Must comply with all company security and data protection / usage policies and procedures. Personally responsible for proper marking and handling of all information and materials, in any form. Shall not divulge any information, or afford access, to other employees not having a need-to-know. Shall not divulge information outside company without management approval. All government and proprietary information will be accessed and stored electronically on company provided resources.
        • Incumbent must be eligible for DoD Personal Security Clearance. Due to U.S. Government contract requirements, only U.S. citizens are eligible for this role. Work Environment This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines. The job also operates in lab environments using standard office equipment and Training and Simulation System devices. Physical Demands The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.
          • Ability to site for extended periods of time
          • Ability to stand for extended periods of time
          • Ability to lift 25 lbs. to various heights Other Duties Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for their job. Duties, responsibilities, and activities may change at any time with or without notice. Company Description CAE, based in Montreal, is a world-class training systems integrator and a foremost leader in training and technology for the defense, civil aviation, and healthcare markets. Tampa-based CAE USA is the largest segment of CAEs defense and security business unit, focused on helping the U.S. military to develop and maintain the highest levels of mission readiness. CAE USA serves the U.S., Central and South America, and select international markets. Recently, L3 Harris Military Training business segment was acquired by CAE USA, and with this highly complementary expansion, we are now able to meet the needs of our customers like never before. With nearly 3,000 employees dedicated to seeking out new opportunities ahead, CAE USAs future is bright.
            
            At CAE USA, our purpose drives us. We are people training people to be better at what they do, allowing defense forces to be mission ready by delivering cutting edge technologies and training systems. With your help, we will work together to meet the demands and challenges of a changing world, and we will forge new growth and innovations far into the future by Jobble

Keywords: CAE, Arlington , Information System Security Engineer, IT / Software / Systems , Arlington, Texas