Raytheon Technologies Computer Systems Security Engineer in McLean, Virginia
Raytheon Technologies is looking for a Computer Systems Security Engineer (SE), who also possesses knowledge as an Information Systems Security Engineer (ISSE). The SE/ISSE is responsible for multiple infrastructure and rapid prototype projects, assisting the Sponsor in generating and maintaining security documentation for system hardware and software to include system security plans (SSPs), equipment lists, software/hardware lists, practices, procedures, etc. The ISSE duties shall include, but not limited to the following:
Serve as Information security lead for multiple infrastructure and rapid prototyping projects.
Develop and review security concept of operations, systems security plans, security control assessment, contingency plans, configuration management plans, incident response plans, plans of action and milestones, risk management plans, vulnerability scanning and/or vulnerability management plans.
Maintain security documentation for system hardware and software to include but not limited to the Systems Security Plan, equipment lists, software lists, system concepts of operations, system security design, implementation practices and procedures.
Evaluates potential security risks and takes appropriate corrective, mitigation, and recovery actions.
Oversees the applicable patches are implemented, including information assurance (IA) vulnerability alerts (IAVA) and other related vulnerability patching that is applicable.
Working with engineers and systems administrators to resolve system issues, develop mitigation and remediation strategies
Responsible for scanning systems and reporting findings
Review security test results to identify weaknesses, technical flaws, and vulnerabilities.
Implements security engineering principles to review security requirements, verify implementation, and provide mitigation recommendations to facilitate secure systems for A&A process
Recommend technical process improvements for the A&A process
•Implement risk management framework (RMF) processes and document the system capabilities.
Assess, verify, and support the implementation of security controls (physical and logical)
Manage POA&Ms for the system and ensure that milestones are met
Enforcing INFOSEC policies and procedures
Certified Information Systems Security Professional (CISSP)
Information Systems Security Engineering Professional (ISSEP)
DOD Information Technology Security Certification and Accreditation Process (DITSCAP)
DOD Information Assurance Certification and Accreditation Process (DIACAP)
Familiarity with Agile framework
Ability to perform in a fast-paced environment with frequent changes
Understand risk management framework process
Experience with using NESSUS on a large IT network similar to the Sponsor's network.
Minimum Qualifications and Education
Bachelor's Degree in computer science, computer engineering, information assurance, and ten (10) years of relevant experience. Eight (8) years of experience, for a total of eighteen (18) can be substituted in lieu of a degree.
Seven (7) years relevant experience in information assurance or information security engineering.
Five (5) years experience working on Sponsor's Agency assessment and authorization (A&A) security packages
Must be a US Citizen with an active TS/SCI clearance with poly and be eligible for crossover.
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.