• Information Security Engineer II

    Location US-DC-Washington
    Posted Date 2 months ago(4/5/2019 2:31 PM)
    Requisition #
    Full Time
    Security Clearance
    Job Category
    Telecommunications and Network Engineering
  • Overview

    Noblis and our wholly owned subsidiary, Noblis ESI, are solving difficult problems that help our government and our country. We bring the best of scientific thought, management, and engineering expertise with a reputation for independence and objectivity. We support a wide range of government and industry clients in the areas of national security, intelligence, transportation, healthcare, environmental sustainability, and enterprise engineering. Learn more at noblis.org/about.


    Why work at a Noblis company?

    Our employees find greater meaning in their work and balance the other things in life that matter to them. Our people are our greatest asset. They are exceptionally skilled, knowledgeable, team-oriented, and mission-driven individuals who want to do work that matters and benefits the public.


    Noblis has won numerous workplace awards. Noblis maintains a drug-free workplace and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race.


    Noblis is helping FAA manage large and complex telecommunications and information management programs that use state of the art technologies to deliver enterprise infrastructure services essential to the safe and efficient operation of the largest, safest, and most complex aviation system in the world.  We are seeking smart, passionate, and motivated people to join our proven team in a challenging and rewarding work environment where you will be actively engaged at the intersection of technology and operations enhancing our nation’s aviation system.  If you want to be involved in acquiring, implementing and managing the communications and information solutions to achieve our nation’s aviation vision, this is the job for you!


    This Security Engineering position supports the FAA Enterprise Solutions & Engineering - Communications, Information & Network Programs (ESE-CINP) Office‘s security engineering team focusing on enterprise-wide systems security engineering, systems security requirements, systems security architecture and systems security solution implementation assessments for FAA National Airspace System (NAS) Programs connected through the FAA’s Federal Telecommunications Infrastructure (FTI) network. This position will:

    • Serve on a team of system security engineers providing technical direction, reviewing technical work products, tracking performance, and ensuring compliance with contract requirements in the area of telecommunications service solutions with hybrid system and cloud computing security architectures;
    • Provide expertise in developing, coordinating and ensuring the delivery of enterprise level security engineering solutions are provided to all CINP customers and programs for systems, telecommunications, cloud computing and Service Oriented Architecture (SOA) solutions;
    • Conduct security assessments and recommendations on FTI Contract Proposals in response to FAA issued Requests for Proposals (RFPs) to the FTI Prime Contractor. Proposals assessments based on a risk perspective factored against FAA Orders, Policies, Guidelines and Policy Notices.
    • Provide systems security technical assessments/recommendations on key FAA’s System Wide Information Management (SWIM) infrastructure and services utilizing Service Oriented Architecture (SOA) Technologies via the NAS Enterprise Messaging Service (NEMS) as well as the FAA’s FTI WAN connectivity authentication and authorization services in accordance with FAA Boundary Protection Policies.
    • Support ESE-CINP requirements and technical architecture security assessments of the Enterprise Security infrastructure and services in the FAA’s NAS Operational Domain and the NAS Enterprise Security Gateways (NESGs) for External Business Entities communications.
    • Provide requirements and architecture assessments including functional allocation to Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS) in the core backbone network, access networks and boundary protection NESGs.
    • Functional security assessments including allocations to application/network firewalls, Web application gateways, virus protection, protocol scanning capabilities and DMZs in the NESGs.
    • Assess logical and physical network architecture to ensure FAA Programs networking internally and across domain communications ensure adequate security separation for the FAA, NAS, MS Domain, FAA National Test Bed (FNTB) and the Research and Development (R&D) Domains. The NAS Operational Domain requires physical separation from other networking domains and the use of Enterprise Security Gateways (ESGs) are required for all inter-domain communications.
    • Apply NAS IAM Policy Notice releases that address the Enterprise IAM Policy, requiring all systems and applications that utilize the Internet Protocol (IP) and SWIM service for NAS inter-domain and intra-domain communications are NAS Enterprise Common Public Key Infrastructure compliant. Key components of the policy framework are Certification Authority, Key Management Infrastructure, X.509 digital credentials and Certificate Revocation Service.
    • Ensure CINP system security requirements are infused into architecture and new system integration concept of operation (CONOPS) assessments, coordinating security compliance of system requirements for future NAS system interactions and associated implementation alternatives using NAS and Non-NAS CINP telecommunications, networking and boundary protection infrastructure;
    • Analyze and document results of current FAA EA and NAS EA environment to identify infrastructure security gaps and vulnerabilities and recommending solutions to improvement the "as-is" FAA architecture in relation to the NAS and Non-NAS CINP requirements.
    • Apply Federal Enterprise Architecture (FEA) and FAA EA architecture life-cycle standards and policies to plan, research, design, and implement elements of FAA’s Cloud Services (FCS) concepts to improve the "to-be" FAA cloud and security architecture solution in relation to the NAS and Non-NAS CINP requirements.
    • Collaborate in the development of policies, guidance and procedures are consistently applied NAS and Non-NAS CINP security measures to systems, telecommunications, cloud, data security / consumer/ distribution taxonomies, boundary protection capabilities in accordance with AODR (Authorizing Official Designated Representative), FAA EA and NAS EA. 


    Required Qualifications:

    • Bachelors of Science and at least 11 years of related experience or Masters of science with 8 years of related experiene in Information Systems Security Engineering (ISSE), Systems Security Engineering, Security Architecture Engineer, System Security Architecture Management or related field.
    • At least 11 years of experience in the field of telecommunications, system engineering and security architecture requirements, including technology insertion, policy compliance, and operations. (8 years of experience with a Masters of Science).
    • One or more of the following industry standard Information Security Certifications such as: CISSP: Certified Information Systems Security Professional; CISM: Certified Information Security Manager; GCIH: GIAC Certified Incident Handler; OSCP: Offensive Security Certified Professional or related certifications.
    • Working knowledge of the Federal Risk Management Framework (RMF) and NIST Security Engineering Standards as well as Agency Security Engineering policies and guidance.
    • Demonstrated knowledge and expertise integrating customer security engineering requirements and needs into Agency’s telecommunications services and support technical contract deliverables.
    • Consistent work experience in delivering system security engineering and security architecture services requiring direct knowledge of Agency security engineering and architecture engineering requirements, preferably related to FAA FTI systems implementation.
    • Ability to analyze project, program and portfolio needs, as well as determine resources needed to meet objectives and solve problems that involve remote and elusive symptoms, often spanning multiple environments in a business area, preferably in FAA and/or FTI systems environment.
    • Proficiency in systems security engineering techniques such as portfolio analysis, analysis of alternatives, and architecture modeling to support governance activities.
    • Proficiency in various security-engineering disciplines associated with Application, Data, Security and Data Center and Cloud Computing Infrastructure.
    • Proficiency in Systems engineering techniques such as portfolio analysis, analysis of alternatives, and architecture modeling to support EA governance activities.
    • Demonstrated cross-functional team leadership and strategic planning skills.
    • Strong professional and interpersonal skills


    Preferred Qualifications

    • Relevant work experience in the areas of Information Systems Security employed by Federal Agencies 
    • Working knowledge and application of FAA systems architecture security policies and standards
    • Demonstrated proficiency in IT governance, SDLC, FEAF and DoD Architecture Framework
    • Proficiency with the Federal Enterprise Architecture Security and Privacy Profile (FEA-SPP) - highly preferred
    • Proficiency in business process modeling and re-engineering program requirements

    Apply for this job

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed