Campus Pride Jobs

JOB SUMMARY: The Senior System Security Engineer is a senior technical resource responsible for ensuring that delivery on federal contracts meet all federal IT security standards, best practices, policies, and processes in order to deliver federal IT security compliant solutions. This work is a mix of strategy, documentation, negotiations, technical leadership, and hands-on cyber security work for federal Clients. They will be responsible for the management of information in the federal cybersecurity and risk management platforms, such as the Cyber Security Assessment & Management (CSAM) and Xacta platforms, for all federal contracts assigned.

They will be involved in guiding a team to properly document system security boundaries, understanding and assessing security controls, and educating federal Clients on the proper security controls for the solutions our team implements and supports. The Information System Security Officer will interact with all levels of Arctic IT Government Solutions employees, sister companies, partners, and federal Client organizations in the execution of the following essential functions.

This is a non-supervisory role.

Responsibilities:

ESSENTIAL FUNCTIONS:

Security Operations:

• Evaluate needs and make recommendations on how to meet IT Security standards and best practices for security operations, including but not limited to, tools, process, policies, etc.

```{=html}

``` - Implement federal IT security standard operational models and maintain them throughout the life of the federal contract

```{=html}

``` - Work with federal Chief Information Security Officer (CISO) and their staff to evaluate and determine the best security controls to be applied to new systems of record and manage the Assessment & Authorization (A&A) process in order to achieve an Authority to Operate (ATO)

```{=html}

``` - Manage the annual reassessment of federal solutions on contracts assigned, this includes tasks necessary to address existing and new Plan of Action Milestones (POAMs), updating any documentation for A&A, and any other tasks necessary to continue an ATO for assigned systems and solutions

```{=html}

``` - Collaborate with information system owners, security officers, developers, and IT operations personnel to conduct system security categorizations in accordance with NIST SP 800-60 and FIPS 199 requirements (as amended)

```{=html}

``` - Document security control selections and apply control tailoring guidance in accordance with NIST SP 800-53 and NIST SP 800-18 (as amended)

```{=html}

``` - Develop initial system security plans and contingency plans aligned with organizational policies and NIST SP 800-18, NIST SP 800-34 (as amended) and security best practices

```{=html}

``` - Monitor threats and take preventive measures as needed on federal contracts assigned

```{=html}

``` - Identify, report, and control security incidents on federal contracts assigned

```{=html}

``` - Train internal team on changes to federal security standards as necessary

```{=html}

``` - Demonstrate subject matter expert regarding SIEM's, security tools and usage, complex networking concepts, security protocols, operating systems, and system applications

```{=html}

``` - Create a process to provide ongoing security checks throughout the Client lifecycle

```{=html}

``` - Communicate with team known vulnerabilities and remediation/mitigation plans

```{=html}

``` - Stay up to date on key industry related security issues and trends, and relay to management and federal Clients as needed

```{=html}

``` - Provide input, including writing content for federal solicitation responses

Qualifications:

QUALIFICATIONS:

Bachelor's degree in MIS, Computer Science, or related field highly preferred, may substitute or equivalent technical consulting, system administration, or network admi istration experience in an ent