Senior Cyber Security Engineer/Information Systems Security Manager (ISSM)

Own Your Future. Modern Technology Solutions, Inc. (MTSI) is seeking a Senior Cyber Secruity Engineer/Information Systems Security Manager (ISSM) at JBAB, Washington D.C. 

As a Senior Cybersecurity Engineer / Information Systems Security Manager (ISSM) with MTSI you will support a customer operating out of Joint Base Anacostia-Bolling (JBAB) in Washington, DC, with travel up to 20%, as required by the Government. The ISSM serves as the Program Office’s information security professional responsible for conducting information system security engineering activities that capture and refine their requirements and ensures security is integrated into system and security architecture designs. The ISSM works with the systems engineering teams to incorporate cyber resiliency objectives, techniques, and design principles into all engineering and development efforts throughout the system development life cycle (SDLC).

Why is MTSI known as a Great Place to Work?

• Interesting Work:  Our co-workers support some of the most important and critical programs to our national defense and security.  
• Values: Our first core value is that employees come first.  We challenge our co-workers to provide the highest level of support and service, and reward them with some of the best benefits in the industry. 
• 100% Employee Ownership: we have a stake in each other's success, and the success of our customers.  It's also nice to know what's going on across the company; we have company wide town-hall meetings three times a year.  
• Great Benefits - Most Full-Time Staff Are Eligible for: 
  • Starting PTO accrual of 20 days PTO/year + 10 holidays/year
  • Flexible schedules
  • 6% 401k match with immediate vesting
  • Semi-annual bonus eligibility (July and December)
  • Company funded Employee Stock Ownership Plan (ESOP) - a separate qualified retirement account
  • Up to $10,000 in annual tuition reimbursement
  • Other company funded benefits, like life and disability insurance
  • Optional zero deductible Blue Cross/Blue Shield health insurance plan
• Track Record of Success:  We have grown every year since our founding in 1993

Modern Technology Solutions, Inc. (MTSI) is a 100% employee-owned engineering services and solutions company that provides high-demand technical expertise in Digital Transformation, Modeling and Simulation, Rapid Capability Development, Test and Evaluation, Artificial Intelligence, Autonomy, Cybersecurity and Mission Assurance.

MTSI delivers capabilities to solve problems of global importance. Founded in 1993, MTSI today has employees at over 20 offices and field sites worldwide.

For more information about MTSI, please visit www.mtsi-va.com.

Responsibilities:

• Provide technical input, recommendations, and assistance with the implementation of both higher and granular-level cyber security approaches, methods and solutions that incorporate and maintain compliance to requirements resulting from laws, regulations, and other pertinent guidance.
• Advise the ISO and PSO concerning the impact levels for confidentiality, integrity, and availability for the customer’s information systems.
• Evaluate threats and vulnerability to information systems to ascertain the need for additional safeguards.
• Review and approve information system security assessment plans which are comprised of SSPs, SCTMs, and Security Control Assessment Procedures.
• Ensure security assessments are completed for information systems.
• Prepare the final security assessment report (SAR) which includes assessment results and findings, at the conclusion of each security assessment activity.
• Initiate a POA&M with identified weakness and suspense dates for information system based on findings and recommendations from the SAR.
• Evaluate security assessment documentation and provide written recommendations for security authorization to the AO.
• Develop recommendation for authorization and submit the security authorization package to the AO.
• Assess proposed changes to information systems, their environment of operation, and mission needs that could affect system authorization.
• Provide purposeful security architecting, design, development, and configuration of information systems.
• Provide inputs to development teams responsible for designing and developing organizational information systems and upgrading legacy systems.
• Employ best practices when implementing security requirements for information systems including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques.
• Keep abreast of current and new security technologies and threats.
• Design and develop security requirements that drive down risk while maintaining operational capability.

Qualifications:

• 10+ years' technical experience in cybersecurity, information technology, or systems engineering.
• Certified Information Systems Security Professional CISSP or (CISSP-ISSEP/CISSP-ISSAP) required.
• Able to demonstrate understanding of cybersecurity needs of systems at varied stages of the SDLC.
• Firm understanding of the DoD 8500.1-M, DoDM 5205.07, Volume 1, Joint SAP Implementation Guide (JSIG), National Institute of Standards and Technology (NIST) Special Publication 800-53, Intelligence Community Directive (ICD) Number 503.
• Excellent oral and written communication skills, and ability to clearly translate client technical needs into technical specifications.
• Demonstrated ability to complete tasks, drive projects to closure, assimilate and correlate project information in a fast-paced environment.
• Demonstrated ability to assess and articulate risk, including to non-technical audiences.

Desired Qualifications:
• Experience working on DISA Security Technical Implementation Guide (STIG) implementation.
• Experience working on-site in a government client environment.
• Familiarity with security procedures while working in a SCIF/SAPF environment.

• Cloud security implementation experience.
• Familiarity and experience with NSA requirements for COMSEC.
• Experience with DoD Acquisition Lifecycle experience and/or Rapid Acquisition / Rapid Delivery experience
• Capable of applying system security engineering expertise to various client programs/processes, for e.g., system security design process, engineering life cycle, information domain and cross domain solutions, identification/authentication/authorization of commercial off-the-shelf and government off-the-shelf software employment, system integration, risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, continuous monitoring, auditing, assessment and authorization, confidentiality, integrity, and availability.

Education Requirements:
• Bachelor’s degree in engineering, computer science, cybersecurity, networking, or programming.

Certification Requirements in one or more of the following:
• Certified Information Systems Security Professional CISSP or (CISSP-ISSEP/CISSP-ISSAP).

Clearance Requirements:

Security Clearance Level Required: Must possess an active Top Secret security clearance, current within five (5) years, based upon a T5 or T5R investigation (formerly known as Single Scope Background Investigation (SSBI) or SSBI Periodic Review (SBPR)).

Please Note: U.S. Citizenship is required.

#LI-DB1

#LI-Onsite