
Information Systems Security Engineer at Northstrat

Northstrat is seeking an Information Systems Security Engineer to join our team. The ideal candidate will have experience in the following areas: secure software engineering practices in support of Department of Defense (DoD) or Intelligence Community (IC) customers, application of NIST Special Publications 800 security controls and the Risk Management Framework (RMF) process, and system vulnerability scanning.

Key Responsibilities

- Plan and manage the system application of NIST Special Publications 800 series security controls.
- Perform system vulnerability scanning, document results, and work with the development team to address security findings.
- Generate comprehensive system security documentation and artifacts, to include a Plan of Action and Milestones (POA&M), for obtaining and maintaining Interim Authorization to Test (IATT), Authority to Connect (ATC) and Authorization to Operate (ATO).
- Work collaboratively with team members, Information Assurance, Information Security Engineering, and other Subject Matter Experts to resolve security issues.
- Maintain thorough documentation of all activities and communications through ticketing systems, operational briefs, and status reports.

- Must have a bachelor's degree in a STEM-related field.
- Must have 6 plus years of relevant experience.
- CompTIA Security+ certification is required.
- Must have US citizenship. An active Top Secret clearance is required with SCI or SCI eligible.
- Knowledge of, and practical experience with, the NIST Special Publications 800 Series and the Risk Management Framework (RMF) process.
- Familiar with secure software engineering practices in support of Department of Defense (DoD) or Intelligence Community (IC) customers.
- Experience with the Authorization and Accreditation (A&A) process using RMF for classified systems, obtaining and maintaining Interim Authorization to Test (IATT), Authority to Connect (ATC) and Authorization to Operate (ATO).
- Experience with vulnerability scanning, and testing/validation of false positives/negatives.
- Experience writing POA&Ms and working with team members on how to remediate findings.
- Experience with security tools such as Assured Compliance Assessment Solution (ACAS) and Security Technical Implementation Guides (STIGs).
- Familiar with information security principles and best practices.
- Excellent communication and collaboration skills.
- Ability to work independently and as part of a team.

Preferred Qualifications

- Familiar with tiered security environments (U, S, TS).
- Familiar with AWS security services.
- Familiar with AWS infrastructure services.
- Familiar with Agile development methodologies.

Company Location: United States.