Information System Security Engineer
About the Department
The Information Assurance Security Engineering team is dedicated to providing value to DigitalGlobe by enhancing Information Security for government programs. We have two key focus areas; ICD-503 A&A Projects and next generation (P20/20) security engineering. The DigitalGlobe Information Assurance Security Engineering team is currently developing and implementing ICD-503 A&A program strategies to ensure and maintain Authorization to Operate government accredited information systems. A&A programs that efficiently measure real risk vs mandated compliance is critical to enabling systems security that is effective in ensuring confidentiality, integrity, and availability.
This professional coordinates across DG departments to help ensure that security and compliance needs are met across accredited systems
This person will work with user, system administrator, and application owners in the implementation of an information security strategy, designed to provide a high level of security over data processing resources while preserving system usability of government accredited systems. This professional must be able to develop and implement flexible security solutions that meet the needs of a hybrid government/commercial business environment. The individual must be a results-oriented person who can achieve tangible improvements in the System Accreditation arena. Excellent technical and communications skills are a must.
Duties & Responsibilities
- Support system accreditation activities, including the creation of implementation and test plans
- Responsible for implementing and monitoring security solutions that ensure the integrity, confidentiality, and availability of information and accredited systems
- Support the development and implementation of policies, standards and guidelines related to information security and compliance
- Manage the implementation and maintenance of key security technologies and processes including identity and access management, vulnerability assessment and penetration testing of software and hardware, configuration management and change detection, and security event management
- Assist in the review of applications and/or technology environments during the development or acquisitions process to assure compliance with corporate security policies and directions
This position requires a minimum of 5 to 7 years of security experience working in a medium to high complexity production environment.
- Existing security clearance (SECRET) is required and the ability to obtain SCI accesses
- Bachelor of Science in Computer Science or related degree or equivalent experience
- Experience with ICD 503, DCID 6/3, NISPOM and related US Government standards and requirements
- Experience with implementing security controls for System Accreditation.
- CISSP, CISA, CISM, CEH, or equivalent certification meeting DoD 8570/8140 requirements
- Knowledge of Unix and Windows authentication, authorization, privilege escalation mechanisms, access control, and auditing/logging procedures
- Knowledge of network administration and security practices and procedures, including routine network auditing
- Knowledge of key security technologies including vulnerability ACAS, ArcSight, HBSS, Tripwire.
- Experience with AWS and OpenStack cloud environments
- Experience with writing scripts (python, perl, bash)
- Ability to multitask and prioritize projects, appropriately manage expectations, make difficult judgment calls and communicate complex issues in an easy to understand format.
- Ability to prepare multiple types of documentation, policies, guides, communications, presentations, etc.
- Must have excellent verbal and written communication skills
- Must possess strong analytical skills, flexibility, and be able to work in a team environment
DigitalGlobe offers a generous compensation package including a competitive salary; choice of medical plan; dental, life, and disability insurance; a 401(K) plan with competitive company match; paid holidays and paid time off.
DigitalGlobe is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, gender identity and expression, age, disability, veteran status, or any other protected factor.
Information and Insight products, High-resolution imagery
Company Type: Public Company
Company Size: 1,001-5000