TECHFLOW INC Information System Security Engineer in Albuquerque, New Mexico
Information System Security Engineer
Information System Security Engineer
Digital Services – remote/telecommuter (Charleston SC – based team) - Full Time
TechFlow is seeking highly motivated Cybersecurity professionals to provide Risk Management Framework (RMF) and Information System Security Engineer (ISSE) support to multiple DOD customers. TechFlow RMF and ISSE professionals directly impact the security posture of DOD developmental and production systems. Our Cybersecurity teams operate under leveraged and matrixed team approaches allowing for task execution agility in dynamic environments and breadth of experience opportunities for team members.
TechFlow is cultivating an expanding portfolio of Cybersecurity, IT development, and system/enterprise modernization efforts. Our corporate culture thrives on out of the box thinking and entrepreneurial innovation in propelling ideas to solutions with measurable customer and mission impacts. As a 100% employee-owned company, our employee-owners have a shared expectation of commitment, accountability for actions, and responsibility for success. Successful ISSE candidates will have opportunity to contribute to our team’s efforts in securing our Nation’s defense systems while expanding their individual experience and abilities.
Position Description Position serves as the principle Risk Management Framework (RMF) and system Assessment and Authorization (A&A) subject matter expert supporting the system Program Office and Information System Security Manager (ISSM) with the development, implementation, and execution of an effective system security program for DOD operational/tactical systems
Serve as the primary security engineering representative on system development and engineering teams to enable RMF processes within the design, development, implementation, evaluation, and/or integration of networking, computing, and enclave environments.
Work across system and technology engineering teams, stakeholders, system users and information owners to develop, implement, evaluate, and/or integrate risk-based system and software security controls and postures.
Perform security engineering functions across all System Development Lifecycle phases supporting development, implementation, and system sustainment activities.
Support security planning, assessment, risk analysis, and risk management to include A&A activities and development/update of security documentation artifacts such as Security Control Traceability Matrices, Security Plans, Plan of Actions and Milestones, and Continuous Monitoring Plans.
CONUS travel required to support cyber security analysis efforts, assist with vulnerability remediation and promote mitigation efforts.
BA or BS and four years Cybersecurity/IA experience
IAT/IASAE Level II qualifying certifications and KSAs
Active DOD SECRET clearance
Knowledge and experience applying Cybersecurity regulations and policy, including federal mandates, FISMA, and DOD-specific regulations
Ability to travel CONUS
Eight years’ experience with RMF processes and deliverables encompassing consistent growth in responsibilities
Experience applying and implementing cybersecurity regulations: NIST RMF related SPs (800-30, 800-37, 800-39, 800-53, 800-53A, 800-60, FIPS PUB 199, 200), CNSSI 1253, and DODI 8510.01 to achieve secure, technical designs and solutions
Ability to understand the impact of cybersecurity on an information system and its organization, and in developing technical mitigation strategies
Experience providing RMF and Cybersecurity support under multiple development methodologies to include waterfall, Agile, and DevOps
Experience with vulnerability assessment tools, Nmap, Wireshark, Burp Suite, ACAS (Nessus), etc.
Experience with Static Code Analysis tools such as HP-E Fortify, Checkmarx, etc.
Experience with security hardening using DISA SRGs, STIGs and industry best practices
Self-motivator with ability to work as part of a team or independently with little supervision or direction
Professional oral and written presentation skills
Founded in 1995 at the start of the dot-com revolution, TechFlow helped large commercial firms such as Dreamworks, Toshiba, MGM, and key government agencies modernize their critical systems using what has become Agile At Scale software development. Today, with deep operational roots in the bi-coastal innovation hubs of California and Northern Virginia, TechFlow continues as a leader in applying innovative software engineering solutions and technology to the US Government and commercial entities. TechFlow has had great success at combining its entrepreneurial nature to the company’s deep experience with mission critical systems to solve the most demanding business challenges.
In 2015, TechFlow leadership made the ultimate commitment to our employees by converting to a 100% employee company, making each employee an owner of TechFlow. TechFlow is defined by its people and the values by which we live. We attract and recruit the finest people in the world. We build our organization from within, promoting and rewarding people without regard to any difference unrelated to performance. Supported by culture driven by innovation and customer mission-focus, our corporate vision holds firm to the belief inspired individuals, unbound by convention and position, will compound their abilities resulting in great things for our customers, company, and individual employee-owners.
TechFlow’s employee-owners, our people, are our greatest asset. TechFlow promotes a healthy work-life balance offering:
Innovative compensation plans including Employee Stock Ownership Plan and 401K (with company matching)
Flexible Spending Plans
TechFlow is an equal opportunity employer (Minority / Female / Disability / Vets)
Selected candidates will be subject to a government security investigation and must meet eligibility requirements for access to classified information as a condition of employment
Eligibility requirement: U.S. Citizenship; active DOD Clearance
TechFlow may consider your application and resumes for other current and future available positions.