Information Systems Security Engineer with TS/SCI
Professional Services - Fulton, MD | Fulton, MD | Full Time
About Us: Engineers solving real-world problems
The USAF F-22 Program has chosen Stratus to lead the design, implementation, and integration of multiple cloud-based environments for its internal use. This effort affords all team members the unique opportunity of working with bleeding edge cloud computing technologies in a multitude of environments and Amazon Web Services regions. This is a brand-new effort for Stratus and F-22 so we are entering on the ground floor – which gives us the complete freedom to architect a complete solution from beginning-to-end based on our recommended design considerations, best practices, and requirements from the customer. Since we are the sole integrators for this effort, we will be responsible for architecting and implementing all parts of the solution including cloud-based networking, infrastructure evolution, robust security, and process automation activities.
Stratus Solutions is also in the unique position of having been the lead integrator of similar cloud-centric solutions for other government clients and has access to a collaborative staff of cloud computing SMEs for knowledge transfer and support throughout the company. Stratus was explicitly sought out for this effort because of our AWS expertise, our ability to engineer innovative cloud solutions, and our close-knit partnership with AWS.
Your Mission: Help to maintain security accreditations and compliance for complex cloud-based environments.
You will be given the unique opportunity of leading the certification and accreditation process for a fully cloud-based software development environment. This position allows you the opportunity to begin security planning, consulting, and implementation activities at the ground level in order to build a fully accredited environment within Amazon Web Services (AWS).
A day in the life:
- Lead and participate in the certification and accreditation process for a cloud environment.
- Prepare, review, and evaluate compliance documentation.
- Identify alternative and flexible documentation procedures to aid in security compliance efforts.
- Communicate with government clients and Stratus staff to coordinate secure implementation methodologies and practices.
- Perform reviews of security control statuses and work with technical staff to work through POA&Ms.
- Author security documentation for SSP packages and work with designated approvers to move C&A process forward.
You will excel in this role if you are:
- A “technology translator”: You will be bridging the gap between both technical and non-technical audiences and must be able to speak to each in a language they understand.
- Embracing Emerging Technology: You will leverage AWS and its accompanying tools daily as you help to design and plan out a game-changing development environment from the ground up.
- Well-Rounded: You bring in-depth experience across multiple types of environments from a security compliance perspective.
- Agile: Able to work as part of small team working together to develop a solution for government customers.
- An effective communicator: You are able to successfully communicate in both verbal and written formats to client stakeholders, project leadership, and technical staff regarding the current security posture of the environment and necessary security deliverables.
What we are expecting from you (I.e. the qualifications you must have):
- Significant experience with SSP package documentation and materials both as the author and reviewer.
- Experience acquiring IATT, IATO, and ATO accreditations within IC and/or DoD environments.
- Able to identify roadblocks and potential pitfalls with regards to the security compliance and accreditation process.
- Knowledge of security controls listed within DoD 8510 (DIACAP and RMF), DoD 6510 and 8500 series instructions, and NIST 800 series guidance
- Experience with IAVMs, DISA STIGs, POA&Ms, and related IC/DoD policies and regulations.
- Experience conducting research and providing technical review recommendations based on known vulnerabilities.
- Industry-recognized security certifications such as CISSP, Security+, CEH, etc. (CISSP preferred).
- Excellent oral and written communication skills with a keen sense of customer service.
- Excellent problem solving and troubleshooting skills.
- Process oriented with great documentation skills.
- BS in Computer Science, IT, IS, or equivalent area of technical study (An additional 4 years of IT experience can substitute for a BS Degree).
- Due to the nature of the Federal contract for which this specific position will be assigned to, candidates are required to have US citizenship.
- Up to 20% travel
Nice to have:
- AWS experience preferred, but not mandatory. At a minimum, you should have an understanding/ knowledge of AWS architectures, capabilities, and services
- Active TS/SCI clearance
What we will provide in return:
- Excellent compensation and amazing benefits that include top of the line BCBS PPO coverage with ZERO deductibles. We pay for 100% of the employee premium and cover 90% of your dependent’s premium.
- 10% 401K employer contribution with no employee contribution required.
- Generous paid time off that includes sick, vacation and floating holidays as well as the ability to bank hours worked over target for use as leave within the same quarter.
- Employee centric culture and a belief that we should hire those who are good at what they do and then give them the tools they need to achieve success, further their expertise and grow their career.
- A commitment to learning and growth and easy ways to achieve both including a training budget, education assistance, mentorship programs and collaborative learning sessions.
- A collaborative environment that fosters communication via slack, internal messaging boards and email lists, our employee newsletter and an open-door policy.
www.StratusSolutions.com. EEO/AA including Vets and Disabled.