Security Engineer IV at Chickasaw Nation Industries in Scott Air Force Base, IL
SUMMARY The Security Engineer IV provides support to the United States Transportation Command (USTRANSCOM) Program Executive Office - TRANSCOM (PEO-T). This position provides Systems and Security Engineering support across the PEO-T for assigned programs and related activities throughout the acquisition lifecycle following the Integrated Defense Acquisition, Technology & Logistics Life Cycle Management Framework. ESSENTIAL DUTIES AND RESPONSIBILITIES Essential duties and responsibilities include the following. Other duties may be assigned. Responsible for the integration of CNI Core Competencies into daily functions, including:
commitment to integrity, knowledge/quality of work, supporting financial goals of the company, initiative/motivation, cooperation/relationships, problem analysis/discretion, accomplishing goals through organization, positive oral/written communication skills, leadership abilities, commitment to Affirmative Action, reliability/dependability, flexibility and ownership/accountability of actions taken. Demonstrates experience in engineering or management disciplines (e.g., business analysis, systems analysis, software engineering, system engineering, process engineering, data administration, group facilitation of systems requirements, change management, or project management of software or systems engineering projects). Demonstrates ability and may need to analyze and integrate business functions and activities of an enterprise. Understands the phases of an enterprise information-engineering life cycle. Applies sound engineering logic and principles in a methodological approach to describe and communicate business needs and expected outcomes. Demonstrates communication, facilitation and client management skills. Functions as a team member integrating activities and artifacts of the enterprise information engineering life cycle. Works with and demonstrates capabilities with a variety of tools spanning life cycle phases. May collaborate with business and technical experts to define solutions integrating business and technology applying a data centric value chain. Drives change to business guidance and operations to implement effective and efficient outcomes. Facilitates change to the enterprise using strategic business management, engineering disciplines and techniques, and other tools to produce integrated and cohesive models for effective communication (e.g., scenario, data, functional activity, process, organization, workflow and business case). Performs standard functional activities, business practices, data schema and metadata. Uses integrated strategic, tactical and operational business solutions that take full advantage of technology and industry norms. Develops Enterprise life cycle management approach to evolve and change the enterprise operations over time relative to environmental influences, business direction and advances in technology. Applies business plans setting enterprise direction and guidance (e.g., vision, mission, goals, strategies, objectives, critical success factors, policies performance measures, strengths, weaknesses, opportunities, threats and environmental influences). Applies business process improvement practices to re-engineer methodologies/principles and business process modernization projects. Applies, as appropriate, activity and data modeling, transaction flow analysis, internal control and risk analysis and modern business methods and performance measurements techniques. Assists in establishing standards for information systems procedures. Develops and applies organization-wide information models for use in designing and building integrated, shared software and database management systems. Constructs sound, logical business improvement opportunities consistent with corporate Information Management guiding principles, cost savings and open system architecture objectives. Provides supervision and direction to staff. Responsible for aiding in own self-development by being available and receptive to all training made available by the company. Plans daily activities within the guidelines of company policy, job description and supervisor's instruction in such a way as to maximize personal output. Responsible for keeping own immediate work area in a neat and orderly condition to ensure safety of self and co-workers. Will report any unsafe conditions and/or practices to the appropriate supervisor and human resources. Will immediately correct any unsafe conditions as the best of own ability. EDUCATION/EXPERIENCE Bachelor's degree in Computer Science, Computer Engineering or a related discipline, and a minimum of seven (7) years' experience, or equivalent combination of education / experience. CERTIFICATES, LICENSES, REGRISTRATION This position requires Secret Security Clearance IAWIP Certification:
IAT I, IAT II, IAM I JOB SPECIFIC KNOWLEDGE / SKILLS / ABILITIES Expertise to develop and/or review system authorization documentation in accordance with DoD implementation of the Risk Management Framework (RMF). Experience participating in TIMs on a wide range of PMO security engineering meetings. Experience participating in Acquisition program Engineering Milestone Reviews. Experience coordinating with development Contractor security/system engineers and USTRANSCOM/DISA Security Office to resolve program security issues. Possess skills to conduct Technical Reviews of development Contractor produced security deliverables. Experience performing security activities to maintain authorization of the PMO programs. Experience using the DOD Enterprise Mission Assurance Support Service (eMASS) system. Experience providing support to ensure PMO system(s) are designed, developed, and deployed in accordance with applicable Executive Orders, Federal Policy, DOD regulations, USTRANSCOM requirements, and commercial best practice. Experience performing vulnerability scans using ACAS, Nessus, and Fortify SCA, analyze outputs to identify vulnerabilities, and recommend mitigation and remediation actions. Experience implementing DISA STIGS and verifying application. Experience writing and tracking POA&Ms. Experience conducting and evaluating security-testing activities including security assessments, audits and penetration testing. Experience supporting operational security activities e.g., firewall implementation, risk mitigation, host security, encryption, intrusion detection, Virtual Private Network (VPN) implementations and viral detections. Experience with security lockdown and/or hardening of servers and network devices. Ability to coordinate overall security strategy with multiple agencies, Authorizing Official (AO) representatives. Ability to coordinate with developers, vendors and other government organizations/agencies to assess security engineering issues. Experience recommending changes to network and security architecture to improve security posture and meet operational performance requirements. LANGUAGE SKILLS Ability to read, analyze and interpret common scientific and technical journals, financial reports and legal documents. Ability to respond to common inquiries or complaints from customers, regulatory agencies, or members of the business community. Ability to write speeches and articles for publication that conform to prescribed style and format. Ability to effectively present information to top management, public groups and/or boards of directors.
Salary Range:
$100K -- $150K
Minimum Qualification
IT SecurityEstimated Salary: $20 to $28 per hour based on qualifications.
commitment to integrity, knowledge/quality of work, supporting financial goals of the company, initiative/motivation, cooperation/relationships, problem analysis/discretion, accomplishing goals through organization, positive oral/written communication skills, leadership abilities, commitment to Affirmative Action, reliability/dependability, flexibility and ownership/accountability of actions taken. Demonstrates experience in engineering or management disciplines (e.g., business analysis, systems analysis, software engineering, system engineering, process engineering, data administration, group facilitation of systems requirements, change management, or project management of software or systems engineering projects). Demonstrates ability and may need to analyze and integrate business functions and activities of an enterprise. Understands the phases of an enterprise information-engineering life cycle. Applies sound engineering logic and principles in a methodological approach to describe and communicate business needs and expected outcomes. Demonstrates communication, facilitation and client management skills. Functions as a team member integrating activities and artifacts of the enterprise information engineering life cycle. Works with and demonstrates capabilities with a variety of tools spanning life cycle phases. May collaborate with business and technical experts to define solutions integrating business and technology applying a data centric value chain. Drives change to business guidance and operations to implement effective and efficient outcomes. Facilitates change to the enterprise using strategic business management, engineering disciplines and techniques, and other tools to produce integrated and cohesive models for effective communication (e.g., scenario, data, functional activity, process, organization, workflow and business case). Performs standard functional activities, business practices, data schema and metadata. Uses integrated strategic, tactical and operational business solutions that take full advantage of technology and industry norms. Develops Enterprise life cycle management approach to evolve and change the enterprise operations over time relative to environmental influences, business direction and advances in technology. Applies business plans setting enterprise direction and guidance (e.g., vision, mission, goals, strategies, objectives, critical success factors, policies performance measures, strengths, weaknesses, opportunities, threats and environmental influences). Applies business process improvement practices to re-engineer methodologies/principles and business process modernization projects. Applies, as appropriate, activity and data modeling, transaction flow analysis, internal control and risk analysis and modern business methods and performance measurements techniques. Assists in establishing standards for information systems procedures. Develops and applies organization-wide information models for use in designing and building integrated, shared software and database management systems. Constructs sound, logical business improvement opportunities consistent with corporate Information Management guiding principles, cost savings and open system architecture objectives. Provides supervision and direction to staff. Responsible for aiding in own self-development by being available and receptive to all training made available by the company. Plans daily activities within the guidelines of company policy, job description and supervisor's instruction in such a way as to maximize personal output. Responsible for keeping own immediate work area in a neat and orderly condition to ensure safety of self and co-workers. Will report any unsafe conditions and/or practices to the appropriate supervisor and human resources. Will immediately correct any unsafe conditions as the best of own ability. EDUCATION/EXPERIENCE Bachelor's degree in Computer Science, Computer Engineering or a related discipline, and a minimum of seven (7) years' experience, or equivalent combination of education / experience. CERTIFICATES, LICENSES, REGRISTRATION This position requires Secret Security Clearance IAWIP Certification:
IAT I, IAT II, IAM I JOB SPECIFIC KNOWLEDGE / SKILLS / ABILITIES Expertise to develop and/or review system authorization documentation in accordance with DoD implementation of the Risk Management Framework (RMF). Experience participating in TIMs on a wide range of PMO security engineering meetings. Experience participating in Acquisition program Engineering Milestone Reviews. Experience coordinating with development Contractor security/system engineers and USTRANSCOM/DISA Security Office to resolve program security issues. Possess skills to conduct Technical Reviews of development Contractor produced security deliverables. Experience performing security activities to maintain authorization of the PMO programs. Experience using the DOD Enterprise Mission Assurance Support Service (eMASS) system. Experience providing support to ensure PMO system(s) are designed, developed, and deployed in accordance with applicable Executive Orders, Federal Policy, DOD regulations, USTRANSCOM requirements, and commercial best practice. Experience performing vulnerability scans using ACAS, Nessus, and Fortify SCA, analyze outputs to identify vulnerabilities, and recommend mitigation and remediation actions. Experience implementing DISA STIGS and verifying application. Experience writing and tracking POA&Ms. Experience conducting and evaluating security-testing activities including security assessments, audits and penetration testing. Experience supporting operational security activities e.g., firewall implementation, risk mitigation, host security, encryption, intrusion detection, Virtual Private Network (VPN) implementations and viral detections. Experience with security lockdown and/or hardening of servers and network devices. Ability to coordinate overall security strategy with multiple agencies, Authorizing Official (AO) representatives. Ability to coordinate with developers, vendors and other government organizations/agencies to assess security engineering issues. Experience recommending changes to network and security architecture to improve security posture and meet operational performance requirements. LANGUAGE SKILLS Ability to read, analyze and interpret common scientific and technical journals, financial reports and legal documents. Ability to respond to common inquiries or complaints from customers, regulatory agencies, or members of the business community. Ability to write speeches and articles for publication that conform to prescribed style and format. Ability to effectively present information to top management, public groups and/or boards of directors.
Salary Range:
$100K -- $150K
Minimum Qualification
IT SecurityEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
