Information Systems Security Engineer (ISSE)
Location: Washington, DC or Reston, VA
Clearance Required: Active TS/SCI with ability to obtain CI Polygraph
Responsibilities:
- Plan, research and design robust security architectures for IT projects
- Develop requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related network devices
- Design public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures
- Prepare cost estimates and identify integration issues
- Acquire a complete understanding of a customer's technology and information systems
- Perform vulnerability testing, risk analyses and security assessments
- Research security standards, security systems and authentication protocols
- Review and approve installation of firewall, VPN, routers, IDS scanning technologies and servers
- Provide technical supervision for (and guidance to) a security team
- Define, implement, and maintain corporate security policies and procedures
- Oversee security awareness programs and educational efforts
- Respond immediately to security-related incidents and provide a thorough post-event analysis
- Test final security structures to ensure they behave as expected
- Determine the most effective way to protect computers, networks, software, data and information systems against any possible attacks
- Plan, research and design robust security architectures for any IT project
- Test security solutions using industry standard analysis criteria
- Deliver technical reports and formal papers on test findings
Key Skills:
- Penetration and vulnerability testing
- Firewall and intrusion detection/prevention protocols
- Secure coding practices
- Ethical hacking and threat modeling
- Identity and access management principles
- Application security and encryption technologies
- Secure network architectures
- Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication
- Risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies and security attack pathologies
- Router, switch and VLAN security
- Practices and methods of IT strategy, enterprise architecture and security architecture
Key Technology Familiarity:
- Windows, UNIX and Linux operating system
- Cloud Services (e.g. Amazon Web Services (AWS), Microsoft Azure, etc.)
- Microsoft Office suite
- Network operating systems
- MySQL/MSSQL database platforms
- Perimeter security controls - firewall, IDS/IPS, network access control and network segmentation
- Virtualization technologies
- Encryption technologies and standards
- Wireless security
- VPNs, VLANs, VoIP and other network routing methods
- Network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.)
- C, C++, C#, Java, Python, or other programming languages
Requirements:
- Bachelor’s Degree in Computer Science, Software Engineering, Systems Engineering, Information Systems or a related technical discipline with 10+ yrs. of related work experience; an additional 4 years of work experience may be substituted in lieu of a degree
- Strong knowledge of PKI and encryption standards and data science a plus
- Excellent written and oral communication skills a must, with the ability to work independently or as a member of a team; must be comfortable working with personnel on all levels of an organization
- Must possess current DoD 8570 IAT III certification
- Current active TS/SCI clearance, with the ability to obtain and maintain a CI polygraph
PCI Strategic Management is a premier management consulting firm that assists organizations in defining and executing their strategic vision. PCI is a veteran-owned small business providing
professional services, technical solutions, and management consulting primarily to the
U.S. Department of Defense and Intelligence Community Clients.
PCI is headquartered in Columbia, MD and is an Equal Opportunity Employer.