Information Systems Security Engineer (ISSE) job in Albuquerque

Strategic ACI is seeking a Information Systems Security Engineer (ISSE) to serve as the Program Office's information security professional responsible for managing all aspects of an organization's information security system, including researching, testing, training, and implementing programs designed to safeguard sensitive information from possible compromise., * This position requires travel, up to 25% per month.

• Works with System Engineering teams to incorporate cyber resiliency objectives, techniques, and design principles into all system engineering and development efforts throughout the systems development life cycle (SDLC).
• Develop and maintain documentation and diagrams for security tools, system environments, and cloud operations.
• Perform requirements analysis, design, and integration for complex software applications and collaboration infrastructures.
• Participate in the change management process, including reviewing Change Requests and assisting in the assessment of security impact of proposed changes.
• Write implementation and design documents describing how security features are implemented.
• Create and maintain information system security documentation, Standard Operating Procedures (SOP), and provide guidance on active Plans of Action and Milestones (POA&M).
• Conduct periodic and continuous monitoring of the system, procedures, and documentation to ensure compliance with the authorization package.

• US Citizen.
• Active TS/SCI Clearance and the ability to pass a CI Polygraph.
• Current or recent DoD SAP access.
• Bachelor's degree in engineering, computer science, cybersecurity, networking, or programming.
• 7+ years' technical experience in cybersecurity, information technology, or systems engineering.
• Experience working with Special Access Programs (SAPs).
• Ability to travel up to 25% per month.
• Strong proficiency fault tolerance, and Reliability, Maintainability, Availability (RMA) subject matter.
• Excellent analytical skills and be capable of quantifying risk to enterprise systems and level of compliance with security policy.
• Excellent verbal and written communication skills.
• Hands on experience with scripting.
• Experience in DOD Information Technology Security Certification and Accreditation Process (DITSCAP), DOD Information Assurance Certification and Accreditation Process (DIACAP), or Risk Management Framework (RMF).
• Advanced knowledge in one or more of the following areas:

1. Java, Python, Ruby and/or C++
2. Linux Expertise (RedHat/RHEL or CentOS preferred)
3. Dynamic & Static Application Security Scanning (e.g., Arachni, OWASP ZAP, BurpSuite, Fortify, Checkmarx, etc.)
4. Virtualization and containers (EC2, Docker)
5. Infrastructure Security Scanning, Vulnerability Scanning (Twistlock, ACAS/Nessus)

• Certification requirements in one or more of the following:

1. Certified Information Systems Security Professional (CISSP).
2. Certified Cloud Security Professional (CCSP).
3. Information Systems Security Engineering Professional (ISSEP)
4. Desired:

• Master's Degree.