Please review the job details below.
Maxar is seeking an ISSE to join a multi-faceted software development and systems administration team working to build and maintain software applications backed by a self-managed high-performance compute (HPC) infrastructure on a private cloud system. We are responsible for the system from the hardware to the user interface.
Principal Responsibilities :
- Design, develop, and implement security concepts, controls, and mechanisms.
- Enforce information systems security policies to ensure compliance with regulatory and organizational security requirements.
- Ensure readiness of all security authorization packages for Authorization and Accreditation (A&A).
- Conduct security certification and testing in accordance with the Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) policy.
- Assess security risks and develop mitigation strategies for information systems.
- Support system security engineering efforts by integrating cybersecurity controls into system architecture and development lifecycles.
- Conduct vulnerability assessments, security audits, and penetration testing to identify and remediate system weaknesses.
- Develop and maintain security documentation, including Security Control Traceability Matrices (SCTMs), System Security Plans (SSPs), and Risk Assessment Reports (RARs).
- Analyze test results, identify deficiencies, and provide risk mitigation recommendations.
- Provide technical guidance to developers, engineers, and IT teams on secure coding practices and system hardening.
- Ensure security controls are effectively implemented, monitored, and continuously improved.
- Conduct security training and awareness sessions to reinforce best practices among development teams and stakeholders.
- Assist in incident response and forensic investigations related to cybersecurity breaches or vulnerabilities.
- Stay updated on emerging threats, vulnerabilities, and cybersecurity best practices to enhance organizational security posture.
Minimum Requirements :
- Five (5) years of relevant experience.
- Bachelor of Science (BS) Degree from an accredited university in a technical field is required. Five (5) additional years of experience in storage operations may be considered in lieu of degree.
- Demonstrated experience in ICD 503 certification and accreditation processes.
- Hands-on technical expertise in cybersecurity, including security assessments, system auditing, and secure system development.
- Familiarity with NIST SP 800-37, CNSSI 1253, NIST SP 800-53, NIST SP 800-39, and NIST SP 800-30.
- Top Secret SCI with a CI Polygraph.
Desired Skills :
- Strong written and verbal communication skills.
- Experience with security operations, compliance, and policy enforcement in government or defense environments.
- Knowledge of cloud security, container security, and DevSecOps methodologies.
- Familiarity with STIG implementation and security automation tools.
- Experience with RedHat.
- Experience with virtual environments such as OpenShift or OpenStack.
#J-18808-Ljbffr