Phia Senior Information Systems Security Engineer (ISSE) in Arlington, Virginia
OVERVIEW: phia LLC is seeking a highly skilled Senior Information System Security Engineer (ISSE) to join our team of qualified, diverse individuals supporting a Large Federal Security Operations Center (SOC) and their 24x7 mission.
Managing and tracking security project tasks; including but not limited to security controls development and implementation, security testing and remediation, compliance tracking, and documentation for management and auditing activities.
Serves as the principal advisor to the information system owner and the customer’s Chief Information Systems Security Officer/Information Systems Security Manager on all matters (technical and otherwise) involving the security of the information system.
Responsible for the protection of the information system(s) by defining access privileges, security control structures, and resources at all assigned National Coordinating Center’s operating locations.
Efficiently facilitates and expedites the tracking, handling, and reporting of all security events and computer incidents in accordance with government procedures.
Evaluates and performs incident escalation and mitigation techniques in accordance with customer guidelines.
Works with other team members to ensure an effective and efficient cyber incident management system is implemented based on Federal government customer guidance.
Researches the latest information technology (IT) security trends.
Analyzes network traffic and various log data along with source information to determine the threat against the network, recommend appropriate countermeasures, and assess/mitigate damage to the enterprise networks.
Maintains integrity of the network, server deployment, and security in accordance with applicable regulatory and departmental policies and procedures.
Creates and maintains information system documentation and artifacts ensuring the certification and accreditation of system remains intact throughout the system’s Authority to Operate lifecycle.
Recommends and implements security improvements by assessing current situation, evaluating trends, anticipating requirements.
Implements Information Security Vulnerability Management, Alerts, Technical Advisories and Bulletins in accordance with Component/Organization policies.
- Bachelor’s Degree in a technical field and 5-9 years related technical experience required
Degree from a designated CAEIAE and 5-9 years experience
Certification and Accreditation experience.
Active Top Secret Security Clearance with SCI eligibility is required. In addition, selected candidate must be able to obtain and maintain a favorably adjudicated DHS background investigation for continued employment.
Basic understanding of Network Administration and Network Security is required.
Possess the detailed knowledge and expertise required to manage the security aspects of the information system and be assigned responsibility for the day-to-day security operations of the system.
Proficiency with federal government IT risk management suites.
Experience providing regulatory and organizational performance reports; communicating system status and user behavior analytics to include Plans of Actions and Milestones (POA&Ms).
Ability to understand and learn the technical specifications, system requirements and other application design information as needed to meet customer mandates.
Ability to deploy and support Continuity of Operations (COOP) activities as required.
Familiar with the following: Risk Management Framework principles, Department of Homeland Security Sensitive System Policy Directive 4300 series and National Institute of Standards and Technology (NIST) 800-series guidance.
Expertise in using Information Assurance and Compliance System (IACS).
Possesses a current active industry standard certificate in the information security/assurance field: e.g. Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC), Certified Authorization Professional (CAP).
WORK SCHEDULE: 1st
WORK LOCATION: Arlington, VA
TELEWORK ELIGIBILITY: N/A
SECURITY REQUIREMENTS: Active TS/ SCI or DHS EOD
phia LLC ("phia") is a Northern Virginia based, 8a certified small business established in 2011 with focus in Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, Information Assurance/Security, Compliance, Certification & Accreditation, Communications Security, Traditional Security, and Facilities Security. phia also provides cyber operations support functions such as: Program and Process Management, Engineering, Development, and Systems Administration that allows for Cyber Operations to efficiently integrate our customer’s missions and objectives. phia supports various agencies and offices within the Department of Defense (DoD), Federal government, and private/commercial entities.
phia offers excellent benefits to enhance the work-life balance, these include the following:
· Medical Insurance
· Dental Insurance
· Vision Insurance
· Life Insurance
· Short Term & Long Term Disability
· 401k Retirement Savings Plan with Company Match
· Paid Holidays
· Paid Time Off (PTO)
· Tuition and Professional Development Assistance
· Parking Reimbursement