Raytheon Technologies is looking for a Computer Systems Security Engineer (SE), who also possesses knowledge as an Information Systems Security Engineer (ISSE). The SE/ISSE is responsible for multiple infrastructure and rapid prototype projects, assisting the customer in generating and maintaining security documentation for system hardware and software to include system security plans (SSPs), equipment lists, software/hardware lists, practices, procedures, etc. The ISSE duties shall include, but not limited to the following:
•Serve as Information security lead for multiple infrastructure and rapid prototyping projects.
•Develop and review security concept of operations, systems security plans, security control assessment, contingency plans, configuration management plans, incident response plans, plans of action and milestones, risk management plans, vulnerability scanning and/or vulnerability management plans.
•Maintain security documentation for system hardware and software to include but not limited to the Systems Security Plan, equipment lists, software lists, system concepts of operations, system security design, implementation practices and procedures.
•Evaluates potential security risks and takes appropriate corrective, mitigation, and recovery actions.
•Oversees the applicable patches are implemented, including information assurance (IA) vulnerability alerts (IAVA) and other related vulnerability patching that is applicable.
•Working with engineers and systems administrators to resolve system issues, develop mitigation and remediation strategies
•Responsible for scanning systems and reporting findings
•Review security test results to identify weaknesses, technical flaws, and vulnerabilities.
•Implements security engineering principles to review security requirements, verify implementation, and provide mitigation recommendations to facilitate secure systems for assessment and authorization (A&A) process
•Recommend technical process improvements for the A&A process
•Implement risk management framework (RMF) processes and document the system capabilities.
•Assess, verify, and support the implementation of security controls (physical and logical)
•Manage POA&Ms for the system and ensure that milestones are met.
•Enforcing INFOSEC policies and procedures
•Certified Information Systems Security Professional (CISSP)
•Information Systems Security Engineering Professional (ISSEP)
•DOD Information Technology Security Certification and Accreditation Process (DITSCAP)
•DOD Information Assurance Certification and Accreditation Process (DIACAP)
•Familiarity with Agile framework
•Ability to perform in a fast-paced environment with frequent changes
•Understand risk management framework process
•Experience with using NESSUS on a large IT network
Minimum Qualifications and Education
•Bachelor's Degree in computer science, computer engineering, information assurance, and five (5) years of relevant experience. Six (6) years of experience, for a total of eleven (11) can be substituted in lieu of a degree.
•Six (6) years relevant experience in information assurance or information security engineering.
•Five (5) years’ experience working on assessment and authorization (A&A) security packages
*Must have an active Top Secret clearance.
Business Unit Profile
Raytheon Intelligence & Space delivers the disruptive technologies our customers need to succeed in any domain, against any challenge. A developer of advanced sensors, training, and cyber and software solutions, Raytheon Intelligence & Space provides a decisive advantage to civil, military and commercial customers in more than 40 countries around the world. Headquartered in Arlington, Virginia, the business generated $15 billion in pro forma annual revenue in 2019 and has 39,000 employees worldwide. Raytheon Intelligence & Space is one of four businesses that form Raytheon Technologies Corporation.
Computer Engineering, Computer/Management Information Systems, Cyber Jobs, Information and Knowledge Systems
Type Of Job
DoD - SCI - Current
U.S. FLSA Classification