Information Systems Security Engineer with Security ...

What you will be doing Tyto Athene is seeking an experienced Information Systems Security Engineer (ISSE) to work in our Amherst, Virginia location and customer sites. The Information Systems Security Engineer will be responsible for supporting Tyto Athene in the development of customer documentation and completion of deployment tasks and functions associated with the DoD Information Assurance Certification and Risk Management Framework (RMF). The ISSE will be the resident Subject Matter Expert (SME) on Cybersecurity related topics and will support other Tyto Athene personnel during the execution of similar Information Assurance tasks as required. Responsibilities: * Ensuring regulatory compliance of customer systems and applications by hardening of Operating Systems, applications, and network infrastructure using tools such as Department of Defense Security Requirement Guides (SRGs) and Security Technical Implementation Guides (STIGs). * Validating compliance by conducting vulnerability scans for operating systems and network infrastructure using eEye Retina and Assured Compliance Assessment Solution (ACAS). Provide remediation support to field personnel in the event that vulnerabilities are identified. * Supporting development and maintenance of a system-specific Plan of Action and Milestone (POA&M). * Defining, creating and maintaining security documentation for certification and accreditation (C&A) of customer information systems in accordance with government requirements. Complete necessary accreditation paperwork such as Application Security and Development Checklists. * Reviewing system security documentation in order to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes and document security relevant changes. Perform software scans on networks and computers for vulnerabilities. * Working with self-signed certificates and Department of Defense (DoD) public key infrastructure (PKI). * Performing research and assessing the impacts on system modifications, technological advances, and malicious code. * Performing software updates, copying logs, and performing password resets. * Enforcing password complexity, password lifetime, auditing mechanisms, and session controls on multiple operating systems and platforms. * Working closely with government Information Assurance representatives to support activities required to obtain Interim Authorization to Operate (IATO), Authorization to Operate (ATO) certifications as required during the course of deployment activities. * Expanding the Tyto Athene Cybersecurity training program in order to further develop personnel capable of hardening Operating Systems, applications, and network infrastructure using tools such as Security Technical Implementation Guides (STIGs) as well as conducting vulnerability scans for operating systems and network infrastructure using eEye Retina and ACAS. Qualifications: * Associates degree in Information Technology, Engineering or Computer Science discipline. 5 years or greater direct relevant technical experience may be substituted for education. * Must be DoD 8570.01-M certified at the IAT II level at time of hire. IAT Level II certifications include one of the following: * GSEC * Security+ ce * CCNA Security * SSCP * Position requires an active DoD SECRET security clearance. * Must be able to obtain a valid passport. * A valid driver''s license is required. * Knowledge of and experience with the Risk Management Framework (RMF) the DoD Information Assurance Program, National Institute of Standards and Technology (NIST) standards, Federal Information Processing Standards (FIPS) standards, Common Criteria Evaluation Scheme (CCEVS) program, Federal Information System Control Audit Manual (FISCAM), as well as relevant Defense Information Systems Agency (DISA), Department of Defense (DoD) and Army, Navy and Air Force policy, procedures and guidance related to information assurance. * Must have strong technical skills in a variety of the following areas: networking, system engineering, Cisco, Windows OS platforms, Red Hat, database design/admin. * Experience conducting risk assessments of planned and operational information systems to identify vulnerabilities, risks and Cybersecurity controls needed. * Experience with technical architectures and tools for computer network defense. Must be able to understand networking to apply IA concepts and make informed decisions about the effect on network security that a given change to a network might have. * Ability to develop, review and update security artifacts, evidence, findings, Plans of Action and Milestones, Contingency Plans, Disaster Recovery Plans, and all other required compliance documentation in an oversight (auditing) role. * Familiarity with Enterprise Mission Assurance Support Service (eMass). * Expertise in vulnerability management, mitigation and reporting methods and tools. * Experience with McAfee EPO, specifically HBSS/HIPS management. * Experience with Nessus Scanner (ACAS) and Security Content Automation Protocol (SCAP). * Experience with DISA Security Technical Implementation Guides (STIGs). * Strong knowledge of Windows Server 20xx and Virtual Environment software (VMWare, VSphere, etc) * Experience with SQL/Oracle database * Working knowledge of Microsoft Office, Visio and other tools. * Ability to work on a team to provide Cybersecurity support to customer in a military environment. * Candidates must be highly analytical and effectively able to troubleshoot and prioritize needs, requirements and other issues. Aside from technical skills, prospective candidates should have excellent communications, teamwork, leadership and conflict management skills. Must be committed to continuous learning and system development. * Ability to successfully handle multiple priorities simultaneously. * Ability to work extremely flexible hours. * Willingness and ability for extensive travel, as much as 70% of the time, in support of customer requirements. * The Information Assurance/Security Engineer is expected to perform his/her duties with minimum supervision and participate in cross-functional projects as schedule About Tyto Athene Tyto is an IT services and solutions company that provides mission-focused digital transformation to enhance the client experience and enable them to achieve desired outcomes. Tyto''s services and solutions embody its domain expertise in four major Technology domains: Network Modernization, Hybrid Cloud, Cyber Security, and Enterprise IT. Tyto offers a broad range of service delivery models including design/install projects, Managed Services, and ''As-a-Service''. With over fifty years of experience, Tyto supports Defense, Intelligence, Space, National Security, Civilian, Health and Public Safety clients across the United States and around the globe. After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise. Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your career -- it''s time to join Team Tyto! Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled

Created: 2025-10-04