Information System Security Engineer
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant, you will be a key advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.
Your Role and Responsibilities
Octo, an IBM company, is an industry-leading, award-winning provider of technical solutions for the federal government. At Octo, we specialize in providing agile software engineering, user experience design, cloud services, and digital strategy services that address government’s most pressing missions. Octo delivers intelligent solutions and rapid results, yielding lower costs and measurable outcomes.
Our team is what makes Octo great. At Octo you’ll work beside some of the smartest and most accomplished staff you’ll find in your career. Octo offers fantastic benefits and an amazing workplace culture where you will feel valued while you perform mission critical work for our government. Voted one of the region’s best places to work multiple times, Octo is an employer of choice!
As an Information Systems Security Engineer, you will be joining the team that is deploying and delivering a cloud-based, multi-domain Common Data Fabric (CDF), which provides data sharing services to the entire DoD Intelligence Community (IC). The CDF connects all IC data providers and consumers. It uses fully automated policy-based access controls to create a machine-to-machine data brokerage service, which is enabling the transition away from legacy point-to-point solutions across the IC enterprise.
We were founded as a fresh alternative in the Government Consulting Community and are dedicated to the belief that results are a product of analytical thinking, agile design principles and that solutions are built in collaboration with, not for, our customers. This mantra drives us to succeed and act as true partners in advancing our client’s missions.
The CDF program is an evolution for the way DoD programs, services, and combat support agencies access data by providing data consumers (e.g., systems, app developers, etc.) with a “one-stop shop” for obtaining ISR data. The CDF significantly increases the DI2E’s ability to meet the ISR needs of joint and combined task force commanders by providing enterprise data at scale. The CDF serves as the scalable, modular, open architecture that enables interoperability for the collection, processing, exploitation, dissemination, and archiving of all forms and formats of intelligence data. Through the CDF, programs can easily share data and access new sources using their existing architecture. The CDF is a network and end-user agnostic capability that enables enterprise intelligence data sharing from sensor tasking to product dissemination.
- Plan, design, and implement security controls and measures to protect the organization’s information systems and networks
- Evaluate and assess security risks and vulnerabilities, and develop strategies to mitigate them
- Develop and implement security policies, procedures, and guidelines to ensure compliance with organizational policies and regulatory requirements
- Work with engineering team to identify and document security solutions, including firewalls, intrusion detection/prevention systems, antivirus, and data encryption systems as required by parent organization.
- Conduct security assessments and audits of information systems and networks, and recommend improvements to security controls and measures
- Stay up to date with emerging trends and technologies in information security, and recommend improvements to the organization’s security posture
- Provide technical guidance and support to IT teams on security-related issues
- Ensure that information systems and networks are compliant with organizational policies and procedures, as well as any applicable regulatory requirements
- The functions of this role shall include, but not be limited to, the following:
- Identify security control requirements
- Maintain system security configuration
- Plan code scanning to identify vulnerabilities
- Support achievement of Authority to Test (ATT) and Authority to Operate (ATO)
Years of Experience: 10+ years of experience in information security, with experience in designing and implementing security controls and measures for information systems and networks. Experience with security assessments and audits is also preferred.
Desired Education: Bachelor’s degree in Computer Science or a related field (preferred).
Location: Chantilly, VA
Clearance: Active TS/SCI w/ ability to obtain CI Poly
Manage and review security logs and taking required actions
Required Technical and Professional Expertise
- Strong understanding of information security principles and methodologies
- Experience designing and implementing security controls and measures for information systems and networks
- Familiarity with security standards and regulations, such as NIST SP 800-53 and DOD RMF
- Experience conducting security assessments and audits, and recommending improvements to security controls and measures
- Experience with security solutions such as firewalls, intrusion detection/prevention systems, and data encryption systems
- Excellent communication and interpersonal skills, with the ability to work effectively with users and stakeholders at all levels
- Strong analytical and problem-solving skills, with the ability to identify security risks and vulnerabilities, and develop strategies to mitigate them
- Experience with security training and awareness programs
- DoD 8570 IAT Level II Certification (e.g. Security+) or the ability to obtain the certification within 90 days
- Clearance: Active TS/SCI w/ ability to obtain CI Poly
Preferred Technical and Professional Expertise
- Experience with cloud computing platforms such as AWS or Azure
- Experience with security-related tools such as vulnerability scanners, SIEMs, and endpoint protection systems
- Knowledge of network protocols and technologies, such as TCP/IP, DNS, and VPNs
- Scripting experience in Bash, Python, or Perl