Welcome page

ISSO/Systems Security Engineer

ID
2025-24339
Category
Cybersecurity/Information Security
Location : Location
US-VA-Dahlgren
Clearance Level Must Be Able to Obtain
Top Secret
Minimum Clearance Required
Secret
Travel Requirement
N/A

Overview

ISSO/SYSTEMS SECURITY ENGINEER (RDTE)

 

Bowhead is seeking a skilled full-time ISSO/Systems Security Engineer to join our team in Dahlgren, VA. The ideal candidate will assure all Information Systems (IS), Government desktops, and corporate network components, unclassified and classified, adhere to and are certified in accordance with the latest versions of guidance such as NAVSEA, DoN, DoD, US CYBERCOM, and other relevant guidance, such as DoD 8500 series, NAVSEAINST 5239.1, and DOD Inst. 5200.40.

Responsibilities

Key Responsibilities:

  • Using DoD network analysis tools to identify vulnerabilities (e.g., ACAS, HBSS, etc.).

  • Provide technical assistance to the Government in assuring compliance with all policies, guidance, and recommendations stipulated and promulgated by the NSWCDD ISSM.

  • Recommend and develop draft IA and system security procedures and practices, in accordance with the NSWCDD Information Assurance and Compliance Office standards and administer approved procedures and practices.

  • Identify security vulnerabilities and recommend corrective security measures for network access points.

  • Working knowledge in Risk Assessment (RA), Risk Management Framework (RMF) which outlines the Steps to Risk Management Process for Federal Information Systems in order to assist the business areas in completion of the Business Impact Analysis, and subsequent creation of Security Documentations like System Security Plan (SSP), Security Assessment Report (SAR) and Plans of Action and Milestones (POA&M).

  • Ensure RMF packages are updated and accredited during the regular three-year Authority to Operate (ATO) cycles.

  • Experience with NIST 800 SPs to include but not limited to NIST SPs 800-37, 800-53 & 53A, 800-60, FIPS (199 & 200).

  • Develop PDS Approval Request packages for new PDSs and update PDS Daily Inspection Procedures.

  • Ceate a Plan of Actions and Milestones (POA&M) and Standard Operating Procedures (SOPs)

  • Ability to analyze Security Technical Implementation Guides (STIGs), Security Content Automation Protocol (SCAP) and Assured Compliance Assessment Solution (ACAS) scanning results

  • Developing a variety of IA related documentation, to include but not be limited to, Platform Information Technology (PIT) designation requests, PIT Risk Assessment requests

Required Skills:

  • Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
  • Skill in using DoD network analysis tools to identify vulnerabilities (e.g., ACAS, HBSS, etc.).
  • Skill in system, network, and OS hardening techniques (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).
  • Skill in conducting application vulnerability assessments.
  • Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
  • Ability to share meaningful insights about the context of an organization’s threat environment that improve its risk management posture.
  • Ability to cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
    Tenable Assured Compliance Assessment Solution (ACAS)
  • Trellix Endpoint Security System (ESS), previously known as McAfee Host Based Security System (HBSS)
  • Skill in applying host/network access controls (e.g., access control list).
  • Skill in using Virtual Private Network (VPN) devices and encryption.
  • Skill in securing network communications.
  • Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
  • Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution.
  • Skill in performing impact/risk assessments.
  • Skill to develop insights about the context of an organization’s threat environment
  • Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Qualifications

Required:

  • High School Diploma required. Bachelors Degree preferred. 

  • A minimum of to five (5) years of experience in systems design, development and integration preferred.

  • Must meet DoDD 8140 IAM Level II Certification

  • Knowledgeable with DoD security and IA requirements as outlined in DoDI 8500.2 and the Defense Information Systems Agency (DISA) Security Technical Implementation Guidelines (STIG).

  • Must have knowledge of basic to advanced UNIX and Windows system administration as well as current knowledge of DoD Ports, Protocols, and Services (PPS), Public Key Infrastructure (PKI), and DoD Information Assurance Vulnerability Management (IAVM) policies and standards.

  • Knowledge of computer networking concepts and protocols, and network security methodologies.
  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth & concept of zero trust).
  • Knowledge of basic system, network, and OS hardening techniques.
  • Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
  • Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • Knowledge of application vulnerabilities.
  • Knowledge of system administration, network, and operating system hardening techniques.
  • Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems.

Preferred:

  • Experience with the Enterprise Mission Assurance Support Service (eMASS), or managing DoD and DoN IA Portfolios is desired.

  • Prefer a working knowledge of STIG Viewer, ACAS, eMASSter, and Excel

  • Knowledge of RDT&E and/or tactical systems

  • Knowledge of cyber threats and vulnerabilities.
  • Knowledge of specific operational impacts of cybersecurity lapses.
  • Knowledge of host/network access control mechanisms (e.g., access control list, capabilities list).
  • Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • Knowledge of network traffic analysis methods.
  • Knowledge of Virtual Private Network (VPN) security.
  • Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi). paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly.
  • Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
  • Knowledge of application security risks.

Physical Demands:

  • Must be able to lift up to 10 pounds 
  • Must be able to stand and walk for prolonged amounts of time
  • Must be able to twist, bend and squat periodically

SECURITY CLEARANCE REQUIREMENTS: Must be able to obtain a Top Secret clearance may start with a Secret clearance.  US Citizenship is a requirement for Top Secret clearance at this location.

 

#LI-JR1

 

Options

<p style="margin: 0px;"><span style="font-size: 11.0pt; font-family: 'Arial',sans-serif;">Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.</span></p>
Share on your newsfeed

Applicants may be subject to a pre-employment drug & alcohol screening and/or random drug screen, and must follow UIC’s Non-DOT Drug & Alcohol Testing Program requirements. If the position requires, an applicant must pass a pre-employment criminal background history check. All post-secondary education listed on the applicant’s resume/application may be subject to verification.

Where driving may be required or where a rental car must be obtained for business travel purposes, applicants must have a valid driver license for this position and will be subject to verification. In addition, the applicant must pass an in-house, online, driving course to be authorized to drive for company purposes.

UIC is an equal opportunity employer. We evaluate qualified applicants without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other protected characteristics EOE/D/V. In furtherance, pursuant to The Alaska Native Claims Settlement Act 43 U.S.C. Sec. 1601 et seq., and federal contractual requirements, UIC and its subsidiaries may legally grant certain preference in employment opportunities to UIC Shareholders and their Descendants, based on the provisions contained within The Alaska Native Claims Settlement Act. Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities. Please view Equal Employment Opportunity Posters provided by OFCCP here.

All candidates must apply online at www.uicalaska.com, and submit a completed application for all positions they wish to be considered. Once the employment application has been completed and submitted, any changes to the application after submission may not be reviewed. Please contact a UIC HR Recruiter if you have made a significant change to your application. In accordance with the Americans with Disabilities Act of 1990 (ADA), persons unable to complete an online application should contact UIC Human Resources for assistance www.uicalaska.com/careers/recruitment/.

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)

UIC Government Services (UICGS / Bowhead) provides innovative business solutions to federal and commercial customers in the areas of engineering, maintenance services, information technology, program support, logistics/base support, and procurement. Collectively, the fast-growing Bowhead Family of Companies offers a breadth of services which are performed with a focus on quality results. Headquartered in Springfield, VA, we are a fast-growing, multi-million-dollar company recognized as a top Alaska Native Corporation providing services across the Department of Defense and many federal agencies. Bowhead offers competitive benefits including medical, dental, vision, life insurance, accidental death and dismemberment, short/long-term disability, and 401(k) retirement plans as well as a paid time off programs for eligible full-time employees. Eligible part-time employees are able to participate in the 401(k) retirement plans and state or contract required paid time off programs.

Join our Talent Community!

Join our Talent Community to receive updates on new opportunities and future events.