Role: Info Security Sys Engineering
Location: Herndon, VA, 20171 (100% Onsite)
Duration: 12+ Months (Contract to hire)
Pay Rate: $70-103.00/hr W2
Shift hour: 1st Shift Onsite
Job Description:
We are searching for a talented Information Security Systems Engineering Manager to join the Client Engineering Team. The L3Harris Mission Networks (MN) sector supports managed network infrastructures for federal government customers. This position involves leading the team and is responsible for execution of information security engineering, operations, and compliance. This role serves as the primary Client internal Surveillance & Automation Solutions Information Assurance (IA) decision maker, responsible for the management and technical administration of the Information System (IS) in accordance with internal and external security requirements. This role has people management responsibilities, managing a team of about 9 information security engineers.
• This is an ON-SITE position at Client offices located in Herndon, VA.
• This position requires weekend, after hours support, and on-call rotations to meet program requirements.
• This position requires the ability to obtain FAA Public Trust Suitability.
Essential Functions:
• Responsible for Security Engineering and Security Operations, which consist of Information Security Systems Engineers and IT Security Analysts.
• Responsible for people management of the team including conducting employee performance reviews, staffing, morale, career development, etc.
• Communicates with parties within and outside of the organization, which includes larger customers and vendors. Works to influence others to accept team's views or practices and agree/accept new concepts, practices, and approaches. Requires ability to communicate and influence leadership regarding matters of substantial importance to the function or business area. Frequently conducts briefings to senior leadership.
• Lead Risk Management Framework (NIST) compliance activities required for the portfolio programs, including vulnerability and baseline assessment and POAM remediation.
• Leads and directs all product or information security engineering activities within the enterprise pertaining to CDRL documents, trade studies, security control requirements analysis, secure architecture development, management & compliance with security controls, design review milestones and security control test/verification activities.
• Provide Information Assurance (IA) technical and procedural leadership to the program security teams to ensure requirements and process compliance for documentation and reporting of system characterizations, architectures and plans.
• Responsible for developing security overlays, data flow diagrams, internal requirements, CONOPs and interface control documents from customer / product requirements.
• Provide IA technical leadership to development teams at internal and external gate reviews such as technical baseline reviews and design reviews.
• Work closely with program managers, systems engineering and other engineering disciplines to plan and execute the security missions for the portfolio of programs within the Enterprise.
• Identify security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives (hardware, software, cross-domain solutions, cryptographic devices, firewalls, intrusion detection systems, anti-virus systems and software deployment tools, etc.).
• Support Government sponsored security risk assessment and other audits as necessary to establish and maintain Authorization or respond to Government requests for information as it relates to security architectures, procedures and processes followed to meet program requirements.
• Lead baseline development, technical content and cost Basis of Estimate (BOE) activities for information security scope of work supporting new business opportunity pursuits and proposals.
Qualifications:
• Requires mastery level knowledge within Information Security with a Bachelor’s Degree and minimum 12 years of prior relevant experience. In lieu of a degree, minimum of 16 years of prior related experience.
• Minimum of 10 years of Information Security System Engineering experience working on system information security architecture development, implementation, integration, and test.
• Minimum of 8 years of leadership experience in Information Assurance.
• Minimum of 6 years of experience with executing government RMF programs.
• Minimum of 6 years of experience with NIST and FISMA.
• Minimum of 6 years of experience with networking technologies (LAN, WAN, Routers, Switches).
• Minimum of CISSP and Security+ certifications.
• Minimum of 3 years of experience with writing and producing technical proposals.
• Minimum of 3 years of experience with security assessment and authorization activities required for Federal information systems (e.g. RMF, ICD-503, JSIG, Type 1, etc.)
• Minimum of 3 years of experience with compliance scanning tools (e.g. Nessus) and vulnerability scanning tools (e.g. Splunk).
• Minimum of 3 years of experience with writing requirements and systems level technical documentation.
• Minimum of 3 years of experience working in both Windows and Linux environments.
Preferred Additional Skills:
• Knowledge of cloud security.
• Previous experience with FAA or DoD systems/programs.
• Collaborative leadership style with a proven track record of working with high performance, multi-discipline systems engineering teams.
• Excellent verbal and written communication skills in a technical information environment.
• Ability to work multiple tasks in a fast-paced operational systems environment and adapt quickly to changing situations.
• Linux certifications (RHCSA, CompTIA Linux+, LFCS/LFCE, etc.).
• Knowledge of agile development processes and DevOps tools such as Jira, Bitbucket, Confluence.
• Knowledge of continuous integration, delivery, and automated test tools such as Jenkins, SonarQube, JUnit, Cucumber, Selenium, JMeter.
• Experience developing and delivering modern software, including microservices, containers, and hybrid cloud architectures.
• Additional desired certifications include CCNA, CCSP, MCSE, and/or SANS GIAC.