Rockwell Collins Sr Security Engineer (ISSO) - Simulation & Training Solutions in Sterling, Virginia
Job ID: 5750
Requisition ID: 5750
Want to work with some of the most talented, dedicated people on the planet? Do you value relationships, commitment, innovation and integrity? Want to be a part of a company that has been named numerous times as America's Best Employer in Aerospace and Defense by Forbes magazine?
Then Rockwell Collins is the place for you. Join our team and build a rewarding career while helping to deliver the most trusted source of aviation and high-integrity solutions in the world.
We are currently searching for a Sr Security Engineer (ISSO) - Simulation & Training Solutions to join our team in Sterling, VA (2300). A comprehensive relocation package is available for qualified candidates. Employing some of the most talented, dedicated people on the planet is not by chance. People from all over the globe choose Rockwell Collins as the place to build a rewarding career, while helping create and deliver communications, integration, and engineering solutions that our global customers demand so that our world keeps moving and stays connected. It's an exciting time to become a part of our team. Join us and discover how high your career can soar at Rockwell Collins.
This software engineering position is within the Simulation & Training Solutions (STS) business area. STS develops and builds simulators and training systems for both military and commercial customers. Devices range in complexity from desktop training all the way up to high fidelity weapon system and full-flight training systems including full visual, motion, and simulator interoperability (HLA/DIS).
Roles and Responsibilities:
Through coordination with project engineers, design information system security infrastructure for program and engineering development network
Documentation of the entire Risk Management Framework (RMF) ATO package
To support Risk Management Framework (RMF) continuous monitoring strategies
May help monitor networks and systems for security incidents and intrusions
May support providing weekly audits of systems related to network and system logging and monitoring
To support Risk Management Framework (RMF) Assessment and Authorization
Support performing Information Assurance (IA) authentication conducting certification and accreditation of systems using the RMF process
May provide DoD Policies/Instructions, STIG, and IAVA guidance, and analysis
Supports providing security services in consultant role to internal and external customers
To support RMF System and Communications Protection
Documents conducting of regular audits of computer systems to determine that they are operating securely and that data is protected from both internal and external attack
Documents assessments of assigned systems to determine system security status and ensures adherence to security policy, procedures, and standards
To support Risk Management Framework (RMF) Incident Response
Reviews security requirements and subsequently reviews systems to determine if they have been designed and established to comply with established standards
Documents the conducting of investigations of security violations and breaches and recommends solutions; prepares reports on intrusions as necessary and provides analysis summary to management
Responds to queries and requests for computer security information and reports from both internal and external customers
To support Risk Management Framework (RMF) Planning
Provides documentation consultation on tasks; maintains documentation for RMF SDLC and makes certain that documentation is available for auditors to review
Documents product upgrades, patches and other general security measures in order to better provide proof of systems security for various clients.
To support Risk Management Framework (RMF) Configuration Management (CM)
Contribute to software engineering requirements capture and analysis in area of domain expertise.
Participate in cross-functional team efforts in definition, integration, Verification & Validation of products and sub-systems of moderate complexity
Able to identify the root cause of moderate to complex software issues and some systems issues using appropriate debug and analysis tools
Escalates and articulates/summarizes encountered technical software issues to project leadership in a timely fashion
Can build entire software stack, automate it, and maintain configuration baselines
Clear understanding of DODI 8500, DODI 8510, DODI 8570.01M, NIST 800-53Rev 4
Experience with information assurance, including accreditation security testing and evaluation
Have a broad knowledge of security methodologies, solutions and best practices
Advanced understanding of the strengths and weaknesses of DISA STIGs
Be comfortable using, configuring, troubleshooting, and administrating both Linux and Microsoft operating systems. Experience with Virtualization technologies such as Hyper-V and VMware
Candidate should have a solid understanding of security guidelines published by the National Institute of Standards (SP 800-53A rev4/FIPS200, SP800-171, FIPS 199/SP800-60, SP800-37, and other SP800 series as necessary)
Experience with Security Content Automation Protocol (SCAP), Assured Compliance Assessment Solution (ACAS), DISA STIG’s, and other DoD approved vulnerability scanning assessment tools
Experience remediating SCAP and ACAS scan results
Experience administering and managing the Host Based Security System (HBSS)
Experience administering and managing Cisco switches and Intrusion Protection Systems (IPS)
Experience administering and managing Windows Active Directory, Group Policy Objects and DNS
Bachelor's degree in a Science, Technology, Engineering or Math (STEM) discipline.
Ability to obtain a DoD Security Clearance
Five or more years of experience in computer science, management information systems, or data security experience
Certification for DoD IAM 8570 compliance, DIACAP/RMF process and implementation experience, SECDesirable Requirements:
Ability to code
Linux command shells,
Certified Information Systems Security Professional (CISSP)
Computer Networking experience
Computer System Administration experience
Ability to document work and RMF controls
Ability to obtain a DOD Secret or above clearance. Applicants selected will be subject to an additional security investigation (above clearance) and will need to meet eligibility requirements for access to classified information. To comply with U.S. export laws and regulations, this position may only employ "U.S. Persons" as defined by the International Traffic in Arms Regulations (ITAR) (22 CFR 126.1) https://www.pmddtc.state.gov/embargoed_countries/. All applicants and employees may be subject to random drug testing in accordance with Executive Order 12564. Employment is contingent upon successful completion of a security background investigation.
At Rockwell Collins, we believe a solid work-life balance creates a healthy lifestyle and inspires creativity and innovation. We value our people and invest in their development, growth and success at our company by providing development opportunities through Rockwell Collins University, networking, mentoring, and tuition reimbursement.
And that's just for starters.
Some of our competitive benefits package includes:
Medical, dental, and vision insurance
Three weeks of vacation for newly hired employees
Company-paid winter holiday shutdown for most locations
Generous 401(k) plan that matches 62.5 percent of the first 8 percent of eligible compensation you contribute (or 5 percent if you save 8 percent)
An Incentive Pay Plan based upon company performance
Interested yet? Apply now and embark on your next worthwhile adventure!
Rockwell Collins is an equal opportunity employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, gender, sexual orientation, gender identity, disability, protected veteran status or any other protected status.