Engineer Software II

Purpose of Position

Responsible for system administration and security compliance of visual simulation systems and appliances. Application areas include real time image generation; visual environment / display system operation, measurement, and alignment; computer systems and information security. Intermediate Level; continuing development level. Performs more varied and difficult aspects of the job; may need guidance on job duties; applies learning to recommend options to address unusual situations. Works with senior Teammates. Work is observed and reviewed.

Tasks and Responsibilities

• Perform analysis and evaluation to design, implement, test and field secure systems, networks, and architectures, with emphasis on simulation based image generation.
• Analyze information technology and system risk in complex environments and articulating results to all levels of personnel.
• Ability to develop and interpret security architectures, data flow diagrams, engineering electrical/pinout drawings, and publications that depict the system(s) architecture
• Ability to be able to identify risk areas of non-compliance and propose solutions to design to full-fill operational requirements and meet cybersecurity requirements simultaneously.
  Develop, implement, and enforce information systems security policies ensuring system security requirements are addressed during all phases of the acquisition and Information System (IS) lifecycle.
  Conduct certification and testing in accordance with the Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) policy; identify deficiencies and providing recommendations of risk mitigation to customer.
  Support the company to resolve conflicting system security engineering requirements that are established by the customer.
• Helps establish and maintain security standards and configurations with the assistance of other security software engineers.
• Provide information security guidance and direction to program and engineering management and participants.
• Performs regular audits/scans of IG systems to insure compliance with standards (i.e. patching, updates, configurations, usage)
• Responds to the needs and questions related to IG security. A resource for IG security issues in general.
• Loads and updates patches, firmware/software upgrades as required.
• Support business units compliance with applicable IG security related DFAR, NISPOM, Export Control, IA/Cyber Security requirements.
• Performs role of ISSE under NISPOM and DSS.
• Performs IA/Cyber security oversight and liaison with customer for production devices delivered to DoD. Including but not limited to supporting activities for customer to obtain ATO at delivery.
• Maintains active role in the security community. (NCMS, ISAC, Infragard, etc.) Continuously monitors information related to emerging threats, IT security standards, practices and supporting technologies.  
• Makes recommendations for enhancements or improvements to IG security based on current standards, emerging threats, flow down requirements from Customers, DoD, and DSS.
• Audit IG and production computing systems to insure proper tactical implementation of security standards, policies, and system plans (as applicable).

• Ability to develop baseline production processes that support the system(s) architecture, including hardware/software integration and configuration

• Exhibit and practice professional and courteous behavior while interacting with both internal and external customers.

Minimum Education

• Bachelor's degree in Computer Science or other applicable technical field; and two years related experience; or equivalent combination of education and experience. Knowledge and expertise for this level usually results from internal progressive experience. However selection for this position is based on the demonstrated ability of the person to successfully fulfill the requirements listed.

Minimum Experience

• Bachelor's degree in Computer Science or other applicable technical field; and two years related experience; or equivalent combination of education and experience. Knowledge and expertise for this level usually results from internal progressive experience. However selection for this position is based on the demonstrated ability of the person to successfully fulfill the requirements listed.

Knowledge, Skills, Abilities

• Technical knowledge in security engineering and IT systems engineering.
  Experience with testing methods, automated tools, plans, and procedures for verification of compliance and vulnerability requirements.
• Experience with modern networks, operating systems, databases, and virtual computing.
• Experience with IA/Cybersecurity requirements including Risk Management Framework (RMF) requirements.
• Strong working knowledge of Windows based server and workstation environments
• Experience in SDLC, scripting, and network administration.
• Experience in Windows administration scripting languages (Powershell, Python, Perl, Bash)
• Enterprise network and asset analysis 
• Enterprise network and asset analysis tools
• CompTIA Security+ certification is required
• An active Security clearance (Secret) or the ability to qualify for such is required.
• Occasional travel expected

Physical Demands and Work Environment

The physical demands and work environment described here are representative of those that must be met and or encountered by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While the duties of this Job, the employee is regularly required to sit; use hands to finger, handle, or feel and talk or hear. The employee is occasionally required to stand; walk and reach with hands and arms. The employee must occasionally lift and or move up to 10 pounds. Specific vision abilities required close vision, distance vision, color vision, peripheral vision, depth perception and ability to adjust focus. While performing the duties of the Job, the employee is occasionally exposed to moving mechanical parts and vibration. The noise level in the work is usually moderate.