Principal Information Security Systems Engineer - Remote Opportunity

Serco is a leading company in providing vital services across various sectors, including Defense. They are seeking a Principal Information Security Systems Engineer to support the readiness of America's Navy ships and aircraft by working on cloud system security and ensuring compliance with security frameworks.

Responsibilities:

• Coordinate Enterprise Mission Assurance Support Service (eMASS) and DoD Risk Management Framework (RMF) efforts
• Monitor and maintain security controls and Plans of Action & Milestones (POA&Ms) for multiple cloud applications
• Maintain vulnerability scans and effect resolution
• Process eMASS workflows for cloud applications
• Maintain Authority to Operate systems
• Develop use cases as required
• Coordinate team security training
• Coordinate with Navy Qualified Validator to resolve control findings
• Coordinate efforts to ensure security documents are up to date
• Provide inputs to weekly and monthly government reports and support emerging government tasking
• Create and maintain information system security documentation, Standard Operating Procedures (SOP), and provide guidance on active POA&Ms in accordance with NIST revisions
• Conduct periodic and continuous monitoring of the system, procedures, and documentation to ensure compliance with the authorization package
• Work within the IA team to perform basic system administration and maintain various IA tools, including audit collection and reporting systems, vulnerability management programs, and other continuous monitoring capabilities
• Participate in the change management process, including reviewing change requests and assisting in the assessment of security impact of proposed changes and migrations
• Monitor system recovery processes to ensure security features and functions are properly restored and functioning correctly following an outage
• Coordinate information assurance program controls in accordance with DoD requirements
• Identify deficiencies and provide recommendations for solutions; track findings with POA&M through mitigation and/or risk acceptance

Requirements:

• An active Secret security clearance
• A Bachelor's degree (preferably in telecommunications, computer science, information systems management, electrical engineering, computer engineering or similar field of study)
• 5 plus years' experience with information networks and related security concerns
• 4 years of experience with RMF tools including eMASS
• DoD 8570.1 / DoD 8140.01 (IAT II Level certification)
• Experience using various IA tools in audit collection, audit review, audit management, and end point protection (HBSS, MDE /MDI)
• COMPTIA Security + or higher, Certification highly desired
• Experience with Splunk Enterprise operations is preferred and Splunk certifications are highly desired