Raytheon Technologies Information Systems Security Engineer (ISSE) in Dulles, Virginia
Raytheon Technologies is looking for a Computer Systems Security Engineer (SE), who also possesses knowledge as an Information Systems Security Engineer (ISSE).
The SE/ISSE is responsible for multiple infrastructure and rapid prototype projects, assisting the customer in generating and maintaining security documentation for system hardware and software to include system security plans (SSPs), equipment lists, software/hardware lists, practices, procedures, etc.
The ISSE duties shall include, but not limited to the following:
•Serve as Information security lead for multiple infrastructure and rapid prototyping projects.
•Develop and review security concept of operations, systems security plans, security control assessment, contingency plans, configuration management plans, incident response plans, plans of action and milestones, risk management plans, vulnerability scanning and/or vulnerability management plans.
•Maintain security documentation for system hardware and software to include but not limited to the Systems Security Plan, equipment lists, software lists, system concepts of operations, system security design, implementation practices and procedures.
•Evaluates potential security risks and takes appropriate corrective, mitigation, and recovery actions.
•Oversees the applicable patches are implemented, including information assurance (IA) vulnerability alerts (IAVA) and other related vulnerability patching that is applicable.
•Working with engineers and systems administrators to resolve system issues, develop mitigation and remediation strategies
•Responsible for scanning systems and reporting findings
•Review security test results to identify weaknesses, technical flaws, and vulnerabilities.
•Implements security engineering principles to review security requirements, verify implementation, and provide mitigation recommendations to facilitate secure systems for assessment and authorization (A&A) process
•Recommend technical process improvements for the A&A process
•Implement risk management framework (RMF) processes and document the system capabilities.
•Assess, verify, and support the implementation of security controls (physical and logical)
•Manage POA&Ms for the system and ensure that milestones are met.
•Enforcing INFOSEC policies and procedures
•Certified Information Systems Security Professional (CISSP)
•Information Systems Security Engineering Professional (ISSEP)
•DOD Information Technology Security Certification and Accreditation Process (DITSCAP)
•DOD Information Assurance Certification and Accreditation Process (DIACAP)
•Familiarity with Agile framework
•Ability to perform in a fast-paced environment with frequent changes
•Understand risk management framework process
•Experience with using NESSUS on a large IT network
Qualifications and Education:
•Bachelor's Degree in Computer Science, Computer Engineering, Information Assurance, and ten (10) years of relevant experience.
*Must have an active TS/SCI clearance.175682
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.