logo

View all jobs

Information System Security Engineer / Officer (ISSE/ISSO)

Twentynine Palms, CA
The Information System Security Engineer / Officer (ISSE/ISSO) for Modeling and Simulation Systems is responsible to the Project Manager for the security of the local network (ISSE) and the overall cybersecurity of the project (ISSO).  As the ISSO, he reports to and receives work direction from the Project Manager.  As the ISSE, he reports to and receives work direction from the Project Manager through the local Company Site Lead. The ISSE / ISSO for Modeling and Simulation Systems will perform the following duties:

ESSENTIAL DUTIES AND RESPONSIBILITIES
Role: Information Systems Security Engineer
  • Provide Cyber Security technical and management support to all Battle Simulation Centers (BSCs) and Combined Arms Staff Trainer Facilities (CASTs) on this project.
  • Ensure all BSCs/CASTs comply with cybersecurity policy.
  • Implement cybersecurity solutions in compliance with the RMF, NIST, DoD and Marine Corps policies and standards to establish or sustain ATOs for information systems and networks.
  • Provide cybersecurity oversight, direction, and guidance to the Project BSC/CAST workforce in support of attaining and maintaining ATOs through the RMF process.  
  • Develop and maintain education and training programs for BSC/CAST workforce to effectively maintain operational networks and cybersecurity readiness.
  • Provide instructions and training to Project BSC/CAST workforce on cyber security and information assurance reporting.
  • Monitor and report compliance with Marine Corps Cyber Operations Group (MCCOG) issued Marine Corps Enterprise Network (MCEN) Operational Directives (OPDRS) for all BSC/CAST IT systems, information systems, and network resources.
  • Monitor each ISSE’s Plan of Action for the implementation of patches / updates on all client, server, and system security vulnerabilities using both automated scanning tools and manual compliance checks.
  • Receive reports from each ISSE, collate, and report overall cybersecurity progress to the Project Manager.
  • Review vulnerability and compliance scans performed at the Project BSC/CAST on all networks and services through the use of current DoD Assured Compliance Assessment Solution (ACAS), or other approved solution(s). 
  • Review vulnerability and compliance scanning of Project BSC/CAST networks and services through the use of current DoD Assured Compliance Assessment Solution (ACAS) or other government provided solution. Ensures anonymity is denied to the maximum extent possible.
  • Assess and manage risks associated with information technology resources.
  • Evaluate threats, risks, and vulnerabilities and develop countermeasures to ensure continuation in the event of an IT services disruption.
  • Design and deploy Security Information and Event Monitoring (SIEM) capabilities across BSC/CAST information systems in order to ensure compliance, system monitoring, and reporting requirements.
  • Conduct on-site instruction and technical assistance as required to include field training environments and will, on occasion, participate as a member of a mobile training team.
  • Design and deploy Security Information and Event Monitoring (SIEM) capabilities across BSC/CAST information systems in order to ensure compliance, system monitoring, and reporting requirements.
  • Perform other related duties incidental to the work described.
Role: Information Systems Security Engineer
  • Ensure MCAGCC BSC/CAST complies with cybersecurity policy.
  • Implement cybersecurity solutions in compliance with the RMF, NIST, DoD and Marine Corps policies and standards to establish or sustain ATOs for information systems and networks.
  • Provide cybersecurity oversight, direction, and guidance to the MCAGCC BSC/CAST workforce in support of maintaining ATOs through the RMF process.
  • Monitor and report compliance with Marine Corps Cyber Operations Group (MCCOG) issued Marine Corps Enterprise Network (MCEN) Operational Directives (OPDRS) for all MCAGCC BSC/CAST IT systems, information systems, and network resources.
  • Maintain and update a continuous Plan of Action and Milestones (POA&M) for reporting to the ISSO on the implementation of patches / updates on all client, server, and system security vulnerabilities using both automated scanning tools and manual compliance checks.
  • Report cybersecurity results, activities and projections to ISSO.
  • Run and review vulnerability and compliance scans performed at the MCAGCC BSC/CAST on all networks and services through the use of current DoD Assured Compliance Assessment Solution (ACAS), or other approved solution(s) as required.
  • ​Provide weekly reports to the Company Site Lead and ISSO, and status updates to the Government representative for all client, server, and network infrastructure software patches and updates, security vulnerabilities and fix actions, current security vulnerability POAMs, and action required in response to Operational Directive (OPDRS).
  • Ensure sufficient patch management processes are implemented using IBM Big Fix, or Microsoft client management solutions (e.g., MS SCCM) to minimize cybersecurity vulnerabilities and comply with Operational Directives (OpDirs) in support of day‐to‐day operations and training events and exercise.
  • Implement Information Assurance Vulnerability Alerts (IAVAs), OpDirs, Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs), patches, and industry best practices to ensure cybersecurity compliance of BSC/CAST information, C2 and simulation systems.
  • Prepare and maintain A&A related documentation (i.e., site inventory, software baseline, equipment lists, ports, protocols, and services management (PPSM), self-assessment / test plans, etc.), POA&Ms, security plan, vulnerability scans, Security Assessment Report (SAR), contingency plans, information assurance vulnerability management plans, cybersecurity waiver requests, cybersecurity waiver extension requests, and Federal Information Security Management Act (FISMA) related reporting requirements within Marine Corps Certification and Accreditation Support Tool (MCCAST).
  • Configure and implement Host Based Security System (HBSS) policy to achieve compliance with other USMC C2 information systems (e.g., AFATDS, JADOCS, TBMCS, TCS, etc.).
  • Install, operate, maintain, and troubleshoot HBSS client and server elements and modules to support day‐to‐day operations and training events and exercises.
  • Draft written reports to designated Government representative reporting and correcting BSC/CAST cybersecurity security violations.
  • Ensure personnel accessing information systems have the proper IA certification to perform privileged or cybersecurity functions per DoD 8570, Information Assurance Workforce Improvement Program; (DoD 8140) and the SECNAV M-5239.2, Department of the Navy Information Assurance (IA) Workforce Management Manual to Support the IA Workforce Improvement Program; and USMC HQMC ECSM 024, Cybersecurity Workforce Program Management.
  • Maintain current and historical documentation of all BSC/CAST DoD Information Assurance Certification and Accreditation Process (DIACAP) and RMF Assessment and Authorization (A&A) packages.
  • Submit Marine Corps Certification and Accreditation Support Tool (MCCAST) packages as required.
  • Provide consistent reporting environment to maintain and track IT assets and ensure systems are securely managed regardless of location by providing patch coverage across operating systems and applications for improved defense against the latest vulnerabilities.
  • Assess and manage risks associated with information technology resources.
  • Evaluates threats, risks, and vulnerabilities and develop countermeasures to ensure continuation in the event of an IT services disruption.
EDUCATION & EXPERIENCE
  • High school diploma.
  • At least three years of experience in cybersecurity.
  • Well versed in USMC and DoD cyber security compliancy, instructions, policies and regulations.
CORE SKILLS/COMPETENCIES
Required Knowledge, Skills and Abilities
  • Proficient in DoD Information Assurance Certification and Assurance Process (DIACAP), Risk Management Framework (RMF), Marine Corps Certification and Accreditation Support Tool (MCCAST), Assured Compliance Assessment Solution (ACAS), Security Technical Implementation Guides (STIGs), Security Content Automation Protocol (SCAP), and DoD Host Based Security System (HBSS), Windows Server 2012 R2 and Windows 10 Client enterprise environments, Microsoft Windows Server Update Services (WSUS), Microsoft System Center Configuration Manager (SCCM), and IBM Big Fix.
  • Proficient in Microsoft Word, Outlook, Excel, PowerPoint and SharePoint.
  • Documented experience and solid understanding of DoD enterprise network policies with a strong security mindset.
  • Excellent interpersonal and communication skills with the ability to interact with others and senior management.
  • Able to read, write, and communicate effectively in English. 
  • Able to design and write clear communications and present training programs.
  • Strong analytical and problem solving skills
  • Excellent organizational, planning and prioritization skills
WORKING CONDITIONS
  • Work is conducted on site, in a classified government facility.
  • Required to sit for extended periods of time and maintain focus
  • May be required to lift, carry and move computer and associated equipment.
  • Daily travel in local area during work day (including use of personal vehicle) may be required.
  • Must be able to work an unstable schedule, to include holidays and weekends in support of exercises/training.  Exercises often require shifts of 12 hrs per day, 7 days a week for the duration of the exercise, which normally are 1-3 weeks in length.
  • May require occasional CONUS and OCONUS travel for 1-3 weeks at a time.
SPECIAL POSITION NOTATIONS
  • Active Secret Clearance required
  • Must meet and maintain DoD Cyber Security Workforce program requirements for Information Assurance Technical (IAT) Level II or higher.  (Current DoD approved IA baseline certification includes CCNA Security, CySA+, GICSP, GSEC, Security+ CE, or SSCP.)
  • Must possess and maintain CompTIA CySA+ certification.
  • Must possess at least of one valid Computing Environment (CE)/Operating System (OS) Certificate (i.e. MS Windows Server 2012 R2 Cert, MS Windows 10 cert, a VMware 6.0 Cert).
  • Must possess and maintain training and certifications sufficient to be granted privileged access to Marine Corps information technology (IT) and information systems (IS) through documented completion of required training and certification.
  • Ability to obtain or have a Marine Corps Compliance and Authorization Support Tool (MCCAST) account is required. 
  • Valid U.S. Passport.
Corps Solutions is a Drug Free Workplace and Equal Opportunity/Affirmative Action Employer. All hiring decisions are based on nondiscriminatory factors without regard to race, color, religion, disability, national origin, sex, pregnancy, childbirth, or related medical conditions, marital status, age, veteran status, genetic information, sexual orientation, gender identity or any other class protected by law. In addition, Corps Solutions engages in affirmative action efforts, where appropriate, to employ, train and promote qualified minorities, women, the disabled, disabled veterans, newly separated veterans or other protected veterans. This organization participates in E-Verify.  If you require assistance applying for any currently open online position, please contact a Corps Solutions representative at careers@corps-solutions.com.

Equal Employment Opportunity is the Law

Pay Transparency Nondiscrimination Provision

More Openings

Fire Desk Operator
Aviation C2 Exercise Planner
Network Engineer

Share This Job

Powered by