Information Systems Security Engineer (ISSE)
Company: Maxar Technologies Ltd
Location: Myrtle Point
Posted on: June 8, 2021
Please review the job details below.
Maxar is seeking an Information Systems Security Engineer to
leverage modern virtualization software, cloud infrastructure,
machine learning, and highly paralleled compute architecture in a
unique project with broad applications. Supporting real-time
operations on a global scale in a variety of application spaces
including intelligence and law enforcement, the project offers a
variety of challenges and interesting problems to solve. If you are
an Information System Security Engineer seeking meaningful work
that has a real impact, contact us right away to learn more.
- Design and implement strategies to secure Maxar and client
systems (on-prem, cloud) against all threats.
- Install, configure, develop, and maintain security systems
across all levels of the environment, including OS, application,
- Monitor the integrity of the software development lifecycle and
- Test, audit, and verify compliance with appropriate
- Continuous upkeep, monitoring, analysis, and response to
Information system, network and security events.
- Perform all auditing and associated reporting duties as
specified by Continuous Monitoring directive, organizationally
defined requirements and regulatory mandates.
- Provide annual assessment support.
- Documents compliance actions within the approved automated
compliance tracking system or develops a Plan of Actions and
Milestones (POA&M) to address non-compliance in the allotted
- Develop procedures and documentation to ensure compliance with
configuration management (CM) for security-relevant IS software,
hardware, and firmware.
- the author required information system security-related
documentation as required by cognizant security authority and IAW
RMF, NIST, SAP/SAR, ICD, and published standards.
- Ensures systems are operated, maintained, and disposed of in
accordance with internal security policies and practices outlined
in the System Security Plan (SSP), Standard Operating Procedures
(SOP), and customer directives.
- Ensures records are maintained for workstations, servers,
software, virtual routers, virtual firewalls, virtual network
switches, crypto, and other relevant hardware/equipment throughout
the information system's life cycle.
- Evaluates proposed changes or additions to the information
system and advises senior site leadership of the security
- Participates in internal/external security audits/inspections;
performs risk assessments and Continuous Monitoring.
- Lead investigations/remediation of computer security violations
and incidents, reporting as necessary per Incident Response
- Ensure proper protection and/or corrective measures have been
taken when an incident or vulnerability has been discovered.
- Oversee the completion of entry/exit forms for equipment and
media entering secured areas.
- Lead the authorization process for new hardware and software
- Author, review and update operation instructions (OIs) and
assessment and authorization documentation (Body of Evidence) to
support re-authorization activities.
- Must be a U.S. Citizen and be willing and able to obtain a
- BS degree plus 5-7 years of prior relevant experience, Masters
with 3 years of prior relevant experience, or equivalent work
- Linux skills
- Detailed understanding of the Risk Management Framework (RMF),
NIST, ICD, and CNSS standards.
- Must be able to work in a constantly changing regulatory
environment with short, mid, and long-term timelines for
remediating any non-compliant
- Must be able to work well within a team environment and able to
adapt quickly to change
- Familiarity with information system requirements and best
practices within a classified environment
- Good writing and verbal presentation skills
- TS/.SCI w/CI Poly (given Northern Virginia)
- Experience in Python programming
- Familiarity with JSON
- Expertise in other languages welcome (Bash, Ansible, etc.)
- Experience with AWS (designing, securing and provisioning
systems within the AWS cloud (CloudFormation, IAM, CloudWatch,
CloudTrail, S3)) CEH or CHFI a plus
- Background or understanding of System Security Plans (SSP)
- Security hardening scripting/automation experience
- Linux certification (RHCSA and or RHCA desired)
- Current DHS Suitability or EOD
- Experience with Xacta 360
- Previous ISSO/ISSM or experience with Assessment and
Authorization requirements (POA&Ms, controls, etc.)
- Google Fu - Black Belt
Maxar Technologies values diversity in the workplace and is an
equal opportunity/affirmative action employer. All qualified
applicants will receive consideration for employment without regard
to sex, gender identity, sexual orientation, race, color, religion,
national origin, disability, protected veteran status, age, or any
other characteristic protected by law.
Keywords: Maxar Technologies Ltd, Medford , Information Systems Security Engineer (ISSE), Other , Myrtle Point, Oregon
Didn't find what you're looking for? Search again!