Job Description
SENIOR PRINCIPAL INFORMATION SYSTEMS SECURITY
ENGINEER
Concurrent Technologies Corporation
Client Site – Columbia, MD area
Minimum Clearance Required: TS/SCI with Fullscope Poly
Clearance Level Must Be Able to Obtain: TS/SCI with Fullscope Poly
CTC
stays ahead of the latest technology advancements so we can help solve our
clients’ toughest challenges. As a part of the Information Technology (IT)
Division, you will be strengthening our team of world-class experts aimed at
providing our clients with the most effective solutions. Our expertise in
achieving missions is unmatched, and we continue to have a major positive
impact throughout the Department of Defense (DoD), Intelligence Community (IC),
and beyond. Our IT solutions are at work in high-level, high-priority areas of
the DoD and U.S. Government agencies. We are leaders in artificial intelligence
and machine learning, cloud architecture and security, cross domain solutions,
cybersecurity, edge node technology, synthetic environments, and more. We are
honored to be a trusted provider of cutting-edge and customized solutions to
our clients for decades. Our experts are leading the rapidly evolving IT
industry with innovative work in a variety of disciplines, including DevSecOps,
which underpins many of our efforts. With CTC’s IT Division, you become part of
a dedicated team committed to advancing the ever-growing possibilities in IT
and meeting our clients’ challenges with up-to-the-minute, customized, and
powerful solutions.
Key Responsibilities:
·To protect the interests of national security, cyber incidents
must be coordinated among and across DoD organizations and sources outside the
Department of Defense, and critical infrastructure and critical infrastructure
sector Information Sharing and Analysis Centers (ISACs) via Tier I, Tier II,
and Tier III support.
·CND response services include the actions taken to report,
analyze, coordinate, and respond to any event or cyber incident for the
purpose of mitigating any adverse operational or technical impact.
·Cyber incident reporting includes a well-defined framework for the
timely reporting of any cyber event or incident. The report provides an
accurate, meaningful, and complete understanding of the cyber incident from
initial detection to analysis and remediation. This information feeds into the
User-Defined Operational Picture, which provides local, intermediate, and DoD
wide situational awareness of CND actions and their impact.
·Cyber incident analysis identifies several critical elements of an
incident to determine and characterize its possible effects on DoD information
networks, operational missions, and other defense programs. This activity
relies on effective acquisition, preservation, and timely reporting of cyber
incident data.
·Cyber incident response includes the coordinated development and
implementation of courses of action (CO As) that focus on containment,
eradication, and recovery. At the same time, it ensures the acquisition and
preservation of data required for tactical analysis, strategic analysis, and/or
LE investigations.
Basic Qualifications:
·Bachelor’s Degree from an accredited college or university in
Computer Science or related discipline and 12 years of directly related
experience or a Master’s degree and 10 years of directly related experience, or
a PhD and 8 years of directly related experience.
·Fourteen (14) years’ experience as an ISSE on programs and
contracts of similar scope, type, and complexity within the Federal Government
is required
·The Information Systems Security Engineer shall perform, or
review, technical security assessments of computing environments to identify
points of vulnerability, non-compliance with established Information Assurance
(IA) standards and regulations, and recommend mitigation strategies. Validates
and verifies system security requirements definitions and analysis and
establishes system security designs. Designs, develops, implements and/or
integrates IA and security systems and system components including those for
networking, computing, and enclave environments to include those with multiple
enclaves and with differing data protection/classification requirements. Builds
IA into systems deployed to operational environments. Assists architects and
systems developers in the identification and implementation of appropriate
information security functionality to ensure uniform application of Agency
security policy and enterprise solutions.
·Supports the building of security architectures. Enforce the
design and implementation of trusted relations among external systems and
architectures.
·Assesses and mitigates system security threats/risks throughout
the program life cycle. Contributes to the security planning, assessment, risk
analysis, risk management, certification and awareness activities for system
and networking operations. Reviews certification and accreditation
(C&A) documentation, pro viding feedback on completeness and compliance of
its content. Applies system security engineering expertise in one or more of
the following to : system security design process; engineering life cycle;
information domain; cross domain solutions; commercial off-the-shelf and
government off-the-shelf cryptography; identification; authentication; and
authorization; system integration; risk management; intrusion detection;
contingency planning; incident handling; configuration control; change
management; auditing; certification and accreditation process; principles of IA
(confidentiality, integrity, non-repudiation, availability, and access control
·DoD 8570 compliance with IASAE Level 2 (i.e. CISSP) is required
Preferred Qualifications:
·Cybersecurity degree
·AWS Experience
Why CTC?
·Our teams at CTC are passionate and thrive on collaboration in a
team environment
·When we encounter a difficult problem, we have a variety of
talented and diverse employees that work together to solve the toughest
challenges
·Competitive salary and benefits package
·Although our work at CTC is extremely important, we also recognize
the need for our employees to maintain a proper mix of work and personal life
·Visit www.ctc.com to
learn more
Benefits:
·The starting salary range for this position has been established
as $184,000 – $240,000
·Medical Insurance and Prescription
·Dental Insurance
·Vision Insurance
·Life and AD&D Insurance
·Short-Term/Long-Term Disability Insurance
·Employee Assistance Program (EAP)
·Voluntary Critical Illness and Accident Insurance
·Tuition Reimbursement Assistance
·Paid Leave
·Paid Holidays
·Bereavement Leave
·Retirement Plan
The
Concurrent Technologies Corporation pay range for this job level is a general
guideline and not a guarantee of compensation or salary.
Join us!CTC offers exceptional career growth, cutting edge technology,
educational opportunities, and recognition for quality work.
https://concurrent-technologies-corporation.breezy.hr/
Email: careers@ctc.com
Staffing Requisition: SR#2025-0004
“We are an equal opportunity employer, and
all qualified applicants will receive consideration for employment without
regard to race, color, religion, sex, sexual orientation, gender identity,
national origin, age, disability status, protected veteran status, or any other
characteristic protected by law.”
Job Requirements
Basic Qualifications:
• Bachelor’s Degree from an accredited college or university in Computer Science or related discipline and 12 years of directly related experience or a Master’s degree and 10 years of directly related experience, or a PhD and 8 years of directly related experience.
• Fourteen (14) years’ experience as an ISSE on programs and contracts of similar scope, type, and complexity within the Federal Government is required
• The Information Systems Security Engineer shall perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies. Validates and verifies system security requirements definitions and analysis and establishes system security designs. Designs, develops, implements and/or integrates IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements. Builds IA into systems deployed to operational environments. Assists architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions.
• Supports the building of security architectures. Enforce the design and implementation of trusted relations among external systems and architectures.
• Assesses and mitigates system security threats/risks throughout the program life cycle. Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. Reviews certification and accreditation (C&A) documentation, pro viding feedback on completeness and compliance of its content. Applies system security engineering expertise in one or more of the following to : system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control
• DoD 8570 compliance with IASAE Level 2 (i.e. CISSP) is required