Remote Information Systems Security Engineer

at Northstrat


Description:

  • Northstrat is seeking an Information Systems Security Engineer to join their team.
  • The ideal candidate will have experience in secure software engineering practices for Department of Defense (DoD) or Intelligence Community (IC) customers.
  • The candidate should be familiar with the application of NIST Special Publications 800 security controls and the Risk Management Framework (RMF) process.
  • Responsibilities include planning and managing the application of NIST Special Publications 800 series security controls.
  • The engineer will perform system vulnerability scanning, document results, and collaborate with the development team to address security findings.
  • The role involves generating comprehensive system security documentation and artifacts, including a Plan of Action and Milestones (POA&M), for obtaining and maintaining Interim Authorization to Test (IATT), Authority to Connect (ATC), and Authorization to Operate (ATO).
  • The engineer will work collaboratively with team members, Information Assurance, Information Security Engineering, and other Subject Matter Experts to resolve security issues.
  • Maintaining thorough documentation of all activities and communications through ticketing systems, operational briefs, and status reports is essential.

Requirements:

  • A bachelor’s degree in a STEM-related field is required.
  • The candidate must have 6+ years of relevant experience.
  • CompTIA Security+ certification is required.
  • US citizenship is mandatory.
  • An active Top Secret clearance with SCI or SCI eligibility is required.
  • Knowledge of and practical experience with the NIST Special Publications 800 Series and the Risk Management Framework (RMF) process is necessary.
  • Familiarity with secure software engineering practices in support of DoD or IC customers is expected.
  • Experience with the Authorization and Accreditation (A&A) process using RMF for classified systems is required.
  • The candidate should have experience with vulnerability scanning and testing/validation of false positives/negatives.
  • Experience writing POA&Ms and collaborating with team members on remediation of findings is necessary.
  • Familiarity with security tools such as Assured Compliance Assessment Solution (ACAS) and Security Technical Implementation Guide (STIG) is preferred.
  • Excellent communication and collaboration skills are essential.
  • The ability to work independently and as part of a team is required.

Benefits:

  • Northstrat values work-life balance and offers power of choice benefits designed to meet the needs of employees.
  • The company provides competitive compensation, benefits, and professional development opportunities.
  • Employees are not mandated to work specific hours, allowing for flexible scheduling.
  • The Individual Benefits Account (IBA) allows employees to select a benefits package that best suits their needs, including paid time off, medical expenses, and cash disbursement.
  • The Profit Sharing Plan (PSP) is funded quarterly by Northstrat, contributing to employees' retirement plans.
  • All new employees are offered stock options, with additional options available based on individual performance goals.
  • Northstrat promotes lifelong learning through company-sponsored training events and reimbursement for work-related education expenses.
  • The company has been recognized as one of the "Top Workplaces" by The Washington Post since 2021 and offers employee referral incentives.