Job Title: Information Security Systems Engineer
Job Code: 15143
Job Location : Palm Bay, FL
Job Description :
Applies current Systems Security Engineering methods, practices, and technologies to the architecture, design, development, evaluation, and integration of systems and networks to maintain system security. Works closely with Government customers to ensure that the security protection needs, concerns, and requirements are defined and implemented with appropriate fidelity and rigor, early and in a sustainable manner throughout the life cycle of system that will allow for the security authorization of the system of interest. Works with systems developers or commercial product vendors in the design and evaluation of state-of-the-art secure systems, networks, and database products. Uses methods such as encryption technology, vulnerability analysis, and security management. Responsible for integration of multiple methods into a cohesive system security perimeter and environment and the policies and procedures necessary to monitor and maintain such an environment. Will prepare Certification and Accreditation documentation, using multiple standards under RMF and derivative processes (DOD 8510, JSIG, ICD-503, CNSSI 1253), to achieve security authorization of supported systems. Represents program security needs, concerns and requirements at customer meetings.
Responsibilities:
Work with a team of driven, supportive and highly skilled subject matter experts to shape program planning, test planning, technical designs, and acquisition strategies. Provide expertise on technology maturation and protection strategies; mission analyses; systems engineering and integration reviews; technical risk mitigation; requirements development; and inform acquisition milestones and modernization investment decisions. Support the development and application of system security engineering, and program protection plans. Liaison with the Anti Tamper Executive Trainer and Agent throughout program lifecycle.
Essential Functions :
Program Protection and System Security Engineering experience to include support of accreditation activities.
Systems integration/systems level engineering experience with DOD weapons or sensor systems, including electronic design, analysis or system test or system integration.
Familiar with electronic components found in modern systems, including Integrated Circuit, FPGAs and ASIC technologies.
Knowledgeable of protection features and devices, system development processes, or system level testing a plus.
Owns the development and maturation of security features for products
Collaborates and builds solutions with engineering teams to meet and exceed system security goals
Simulate and analyze attacks paths against products and integrated components to uncover potential weaknesses
Collaborates with manufacturing and operations teams to develop secure handling and operational processes
Engages with teams to remediate uncovered weakness in designs, implementations, integrations, and processes
An understanding and the use of the application of DoDI 8500.01, DoDI 8510, DoDI 5200.39, DoDI 5200.44, DoDI 4140.67, NIST 800-53, NIST 800-171, NIST Handbook 162, and Risk Management Framework (RMF)/ DoD Cybersecurity Certification and Accreditation activities
Experience with DoD environment to include a comprehensive understanding of DoD acquisition and system security engineering policies
Strong knowledge of the DoD weapon system acquisition and Systems Engineering processes defined in DoD policy and guidance
Experience with Anti-Tamper, DoDD 5200.47E
Excellent interpersonal and communication (oral and writing) skills Must have experience in using critical thinking to prepare written reports and presentations for senior-level officials
Experience with A&A package processing.
Experience in DoD software selection and approval processes for COTS, GOTS and FOSS.
Support security engineering activities, including basis of estimate development, requirements development, design, test, configuration management and maintenance of information systems and data.
Assist program security in the development of policies and procedures for emerging security technologies.
Support vulnerability assessment activities as required.
Support the evaluation, qualification, testing and delivery of security architecture improvement, obsolescence replacement and vulnerability response projects.
Experience with Security Testing and Verification
Work is to be accomplished 100% onsite, in a lab environment, no options for remote support.
Qualifications :
Education:
Bachelor’s Degree and minimum 6 years of prior relevant experience.
Graduate Degree and a minimum of 4 years of prior related experience.
In lieu of a degree, minimum of 10 years of prior related experience.
Program Protection and System Security Engineering experience.
Active Collateral Secret Clearance
Must be able to obtain and maintain a DOD 8140 certification (or NIST 800-181), appropriate for the position within 6-months of start.
Preferred Additional Skills:
Experience in Static Application Security Testing (SAST) for Application Security and Development STIG compliance using tools such as Fortify and Gitlab as part of a DevSecOps Continuous Integration/Continuous Deployment (CI/CD) Pipeline, and generation of summary reports.
Experience in configuration and use of cyber defense and vulnerability assessment tools such as ACAS and SCC.
Experience in Model-Based Systems Engineering (MBSE).
NSA Type 1 Certification of cryptographic high value products.
Experience with NSA High Assurance products and IASRD requirements.
Understanding of security control inheritance in terms of IaaS, PaaS, and SaaS relationships.
Experience in the application of DISA SRGs and STIGs.
Windows and Linux system administration skills.
Experience in the content development and administration of SEIM/audit reduction tools (e.g., Splunk).
DOD 8570.01M IASAE II or IAT II Certification is desired.
Strong understanding of engineering processes, concepts and information security systems engineering principles (NIST SP 800-160 Vol1).
Experience in Cyber Defense technologies.
Experience with CI/CD, agile system development, and DevSecOps tools and processes.
Understanding of system vulnerabilities and exploitation.
Active TS/SCI Clearance is highly desired.
L3Harris Technologies is proud to be an Affirmative Action/Equal Opportunity Employer. L3Harris is committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination. All applicants will be considered for employment without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender (including pregnancy, childbirth, breastfeeding or other related medical conditions), gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, characteristic or membership in any other group protected by federal, state or local laws. L3Harris maintains a drug-free workplace and performs pre-employment substance abuse testing and background checks, where permitted by law.