Information Systems Security Engineer (ISSE) - GUAM

Responsibilities

INFORMATION SYSTEMS SECURITY ENGINEER (ISSE)

OBXtek is seeking a qualified Information Systems Security Engineer to work with the Regional Information Systems Security Manager (ISSM), with Information Systems

Security Officers (ISSOs), and other J6 CIO staff in the creation, completion, and maintenance of

various security related documents such as the Assess and Authorization packages.

The ISSE will:

• Perform vulnerability scans on all systems and network devices to ensure all Information Assurance Vulnerability Alerts and Bulletins (IAVA/B) and Computer Task Orders (CTOs), Task Orders (TASKORDS) and other security related tasking is applied as required by current Government directives.

• Perform all account and data functions ensuring proper clearances for users; maintain information ownership responsibilities for each information system to include accountability, access approvals, and special handling requirements; maintain user agreements; SIPRNet network account information; and user validation forms.

• Monitor and maintain user training certificates (Cyber Awareness and Cybersecurity Workforce training requirements).

• Ensure physical space requirements for Restricted Access Areas (RAA), Controlled Access Areas (CAA), and Open Storage Secret spaces meet the mandated classification requirements.

• Complete annual Physcial Security STIGs for all spaces with ONE-NET computers under JRM’s purview.

• Develop and implement Configuration Management (CM) control policies and practices for authorizing the use of software and hardware. Monitor changes to system software, hardware, etc., to ensure security is not adversely impacted. Update appropriate documentation and upload into eMASS.

• Oversee, monitor, coordinate, and conduct System Security evaluations, audits, and reviews; coordinate and direct Command Information Assurance Vulnerability Management (IAVM) and Computer Task Order (CTO) Programs.

• Inspect and certify physical space requirements for Restricted Access Areas (RAA) and Controlled Access Areas (CAA) ensuring the mandated classification requirements are met. Provide protection requirements against intruders, vandals, accidents, and environmental dangers (i.e., fire, water, etc.). Develop and maintain Comman IT security policies; provide Public Key Infrastructure (PKI) and Common Access Card (CAC) support; monitor existing and new Department of Defense (DoD), Department of Navy (DON), Defense Information Systems Agency (DISA), and other agency IT and Security policies to stay current.
• Provide Information Security (INFOSEC) training management; Physical Security support; Vulnerability Remediation Asset Manager (VRAM) management; Assured Compliance Assessment Solution scanning and support; Host Base Systems Security (HBSS) management and support; creation, modification, and maintenance of Assessment and Authorization packages via eMass.

• Provide Security Compliance and Risk Mitigation Support to the Information Systems Security Manager (ISSM)/Information Systems Security Officer (ISSO). Conduct Risk Management Framework (RMF) steps 1-4 assessment and implementation based on the collection, analysis, and reporting of data in accordance with the appropriate security technology and Government policy methods.
• Analyze assessments and implement an overall risk-based decision to effectively certify security controls and countermeasures, and the overall security posture of systems and programs, networks and infrastructures throughout IT engineering lifecycles.

Qualifications

Minimum Baseline Certifications: CompTIA Advanced Security Practitioner

Minimum Operating System Certification: Microsoft OS or VMware

Security Clearance

Company Information

Headquartered in McLean, Virginia and founded in 2009, OBXtek is a growing leader in the government contracting field. Our mission is Our People…Our Reputation. Our people are trained professionals who enhance our customers’ knowledge and innovation using technology, collaboration, and education.

We offer a robust suite of benefits including comprehensive medical, dental and vision plans, Flexible Spending Accounts, matching 401K, paid time off, tuition reimbursement program and much more.

OBXtek pairs lessons learned across disciplines with best practices and industry standard quality practices such as CMMI-Dev Level III, ITIL, 6Sigma, PMI, and ISO. Our rapid growth has been recognized by INC500, the Washington Business Journal, and Washington Technology magazine.

OBXtek is an Equal Opportunity Employer and does not discriminate based on race, color, religion, sex, age, national origin, gender identity, disability, veteran status, sexual orientation or any other classification protected by federal, state or local law.