Information Security Systems Engineer

Innova Solutions is immediately hiring for an Information Security Systems Engineer.

Position Type: Direct Hire

Duration: Direct Hire

Location: Tampa, FL 33634 (Onsite)

As a(n) Information Security Systems Engineer you will:

Major purpose:

Implement and monitor security processes relative to NISPOM and Department of Defense (DoD) Information Security requirements.

Manage and implement the Risk Management Framework (RMF) for assessment and authorization of NIPRNet and SIPRNet systems in contractor facilities.

Audit information system security plans and procedures to comply with DoD and separate service regulations, directives and procedures.

Function as Information System Security Engineer (ISSE), coordinate and oversee compliance of multiple IA requirements in coordination with Program Managers.

Provide input and assistance as a Security Department team member.

Responsible for DoD collateral information systems as ISSE.

Design, write and audit procedures for compliance with handling, marking, access, auditing, and logging actions as specified in NISPOM and the System Security Plan (SSP) for DSS accredited systems.

Prepare, maintain, and implement SSPs, under ISSM oversight, for government approval.

Major functions:

Establishes proactive reporting system for non–compliance, intrusion or abuse of information security procedures within classified areas and investigate and recommend corrective actions for violations to the ISSO and FSO.

Responsible for recurring tasks on program systems as assigned:

Conduct scheduled inspections of systems/facilities that process classified information.

Maintain and audit all logs and records associated with classified operation procedures.

Audit security logs, reports, daily system audits, security logs and authentication features to assure security–relevant actions are properly implemented and executed.

Originate, deliver and document security briefings to program personnel to include each user signing acknowledgement of responsibility for security of IS classified operations.

Brief and document annual active user ID revalidation and IS Configuration Management

Evaluate program proposed changes or additions to IS and advice ISSM of relevance.

Provide guidance and expertise to proposal managers to define requirements for applications, installations, and program architecture for information security systems to develop Contract Data Requirements Lists for classified contract efforts.

Perform and document annual risk assessment to determine if additional countermeasures are required.

Provide guidance on all DOD Mission Assurance Category and confidentiality levels.

Responsible for collateral material marking, shipping, inventory and safeguarding.

Obtain and maintain an Authorization to Operate (ATO) for software and hardware systems connecting to NIPRNet and SIPRNet.

Technical/Functional skills:

At least one of DoD 8570.01–M Information Assurance Management (IAM) Level II Approved Baseline Certification (CAP, CASP+CE, CISM, CISSP (or Associate), GSLC, or CCISO.)

Experience with NIST Special Pamphlet (SP) 800–37 Guide for Applying the Risk Management Framework, NIST SP 800–53 Rev. 5 Security and Privacy Controls for Federal Information Systems and Organizations.

Experience documenting compliance/non–compliance of security controls in the Enterprise Mission Assurance Support Service (eMASS)

Ability to write System Security Plans (SSP) including classified portions, acceptable to Authorizing Official and compliant with all applicable DOD Directives and Instructions.

Manage and implement the Risk Management Framework (RMF) for assessment and authorization of NIPRNet and SIPRNet systems in contractor facilities.x