Information Systems Security Engineer II (ISSE II)

Dynamic Solutions Technology, LLC , a premier strategic services firm that meets IT and Service needs for commercial and government clients, is seeking a full-time Information Systems Security Engineer II (ISSE II). This position is an exempt role that will provide on-site support at the government customer's area of operation in the Philadelphia, PA location.

ACTIVE SECRET CLEARANCE REQUIRED

RESPONSIBILIES

• Assist with the developing, maintaining, and tracking Risk Management Framework (RMF) system security plans, which include System Categorization Forms, Platform Information Technology (PIT) Determination
• Privacy Impact Assessments (PIA), and Plans of Action and Milestones (POA&M).
• Execute the RMF process in support of obtaining and maintaining Interim Authority to Test (IATT), AO approval, Authorization to Operate (ATO), and Denial of Authorization to Operate (DATO).
• Identify and tailor IT and Cyber Security (CS) control baselines based on RMF guidelines and categorization of the RMF boundary.
• Perform Ports, Protocols, and Services Management (PPSM).
• Perform IT and CS vulnerability-level risk assessments.
• Execute security control testing as required by a risk assessment or annual security review (ASR).
• Mitigate and remediate IT and CS system level vulnerabilities for all assets within the boundary per STIG requirements.
• Develop and maintain Plans of Actions and Milestones (POA&M) in Enterprise Mission Assurance Support Service (eMASS).
• Develop and maintain system level IT and CS policies and procedures for respective RMF boundaries in accordance with guidance provided by the command ISSMs.
• Perform and develop vulnerability assessments with automated tools such as Assured Compliance Assessment Solution (ACAS), Security Content Automation Protocol (SCAP) Compliance Check (SCC) and Evaluate STIG.
• Deploy security updates to Information System components.
• Perform routine audits of IT system hardware and software components.
• Participate in IT change control and configuration management processes.
• Upload vulnerability data in Vulnerability Remediation Asset Manager (VRAM).
• Image or re-image assets that are part of the assigned RMF boundary.
• Install software and troubleshoot software issues as necessary to support compliance of the RMF boundaries' assets.
• Assist with removal of Solid-State Drive (SSD), Hard Disk Drive (HDD) or other critical components of assets before destruction and removal from the RMF boundary.
• Support configuration change documentation and control processes and maintaining DOD STIG Compliance.
• Support cyber compliance of assets that are part of an enterprise IT network to include Windows server and CISCO networking hardware; This includes assessing vulnerabilities, patching and meeting requirements of the STIG for the hardware.
• Report compliance issues of network hardware to management to avoid operational loss of the network.

EXPERIENCE AND EDUCATION REQUIREMENTS :