Security Engineer with Security Clearance

DSA is seeking a Security Engineer who can attain a Public Trust clearance to join our team supporting the EPA. The EPA Office of Information Security and Privacy promotes Agency–wide cooperation in managing risks and protecting EPA information in harmony with mission accomplishment. It defines clear, comprehensive and enterprise–wide information security and privacy strategies, including the Program mission, vision, goals, objectives and performance measures. US Citizenship is required.

The Security Engineer will be an integral part of a team responsible for supporting the development and maturation of an Agency–wide information security (InfoSec) program for a large civilian Federal agency. The candidate will provide security engineering support to help the agency comply with statutory and regulatory directives from the Office of Management and Budget, the Department of Homeland Security and enhance security of the Agency's information environment. The candidate may conduct security engineering assessments after the release of directives from national authorities, during early system design inception, and key development activities throughout the life cycle of Agency systems. Additionally, the candidate will be responsible for researching and developing security standards and designs for new capabilities to assist Agency–wide implementation. This role allows for innovative and challenging work that will allow someone to grow professionally and have input into Agency–wide strategies and implementation of secure system design. Desire to be a part of a dynamic team, work remotely, passion for supporting Federal programs. Location is fully remote, with possible travel to DC Client site/DSA office for badging/equipment. Hours: 8 hours during customer core hours of 9–5pm.

Requirements include:

1. US CITIZENSHIP
2. able to attain a Public Trust Clearance
3. Master's degree or equivalent and 12 years relevant security engineering experience. May substitute security certification (e.g. CISSP) for 2 years of experience.
4. Excellent written and oral communication skills including the ability to communicate complex technical issues to non–technical staff.
5. Experience applying, analyzing, and assessing information systems and security controls (NIST SP800–53, Revision 4).
6. Possess in-depth knowledge of NIST 800–37 Rev 2 Risk Management Framework.

Primary Responsibilities:

1. Evaluate functional requirements provided by OMB, DHS, or other sources and help translate into technical solutions.
2. Evaluate information system security throughout the systems development life cycle.
3. Prepare use cases for the development of information security capabilities.
4. Analyze design constraints, trade–offs, and detailed system and security designs.
5. Design control standards for hardware, operating systems, and software applications.
6. Develop, disseminate, and brief detailed security design and supporting documentation.
7. Provide input to cyber capabilities strategies.

Desired qualifications include:

1. Professional advanced certification in cybersecurity e.g., ISC2 CISSP, CISM
2. Experience applying, analyzing, and assessing information systems and security controls (NIST SP800–53, Revision 5)