Raytheon Intelligence, Information and Services (IIS) is seeking an experienced Information Systems Security Engineer (ISSE) to join our team in support of the U.S. Air Force North American Aerospace Defense Command (NORAD) Cheyenne Mountain Complex Integrated Tactical Warning/Attack Assessment (NCMC-ITW/AA) Sustained Support Contract (NISSC).
NISSC will provide accurate, timely, and unambiguous warning and attack assessment of Air, Missile, and Space threats with daily visibility of National Command Authority leaders including the President of the United States.
NCMC-ITW/AA is composed of Air, Missile, and Space Warning Missions located at Cheyenne Mountain AFS, Peterson AFB, Offutt AFB, Vandenberg AFB, and forward user and sensor sites worldwide.
This position is for an Information Systems Security Engineer (ISSE) to perform systems security engineering in support of new systems fielding?s and upgrades to legacy space and ITW/AA programs in the Raytheon Consolidated Engineering Laboratory (RCEL) in Raytheon?s Colorado Springs, CO facility and/or the Test Development Facility (TDF) located at Peterson AFB CO and NISSC operational locations.
- Analysis of cyber requirements and potential design solutions, providing guidance and direction related to security technologies, performing analysis on cybersecurity collected data and test results, identifying and implementing cybersecurity design, and preparing and maintaining engineering and security related documentation.
- Performing and providing vulnerability assessment results and recommendations to the NISSC Program Engineer, Program Protection Lead and/or Systems Security and Accreditation section as necessary
- Assessing known systems vulnerabilities and verifying system hardening and patching activities to ensure compliance with the most current applicable Security Technical Implementation Guides (STIGs)/Security Requirements Guides (SRGs) and related checklists
- Document, implement and prioritize patching requirements across the organizational enterprise
- Develop scripts to automate the system installation of required patches and configurations to remediated identified system vulnerabilities
- Responsible for the development and testing of patches to fix vulnerabilities in Windows, RHEL and Solaris operating systems and associated applications
- Assist in conducting cybersecurity audits to ensure appropriate implementation and compliance of the security posture
- Performing systems security engineering and test efforts associated with implementation of security controls on networking devices, databases, operating systems, hardware and software components
- Developing vulnerability reports and investigating impact, resolution and verification of security vulnerabilities and patches as well as performing deep dive and impact analysis into failed patch deployments
- Provide regular reporting on patch management program and overall operation status of patch compliance
Note: This position can be Salary Grade G09 (Senior Cyber Engineer II) or Salary Grade G10 (Principal Cyber Engineer) based upon the applicant?s qualifications as they relate to the skills, leadership, experience and responsibility requirements of the position.
- Ability to support periodic travel (less than 5%)
Technical Skills / Experience Required:
- Experience creating, installing, and testing vulnerability fixes to Windows and Unix/Linux platforms
- Experience with Linux and Windows system administration including installing and configuring systems from the OS level up
- Familiarity with RHEL, Unix Scripting, Windows PowerShell is required
- Experience with scripting languages (developing, debugging and maintaining)
- Experience developing secure applications that are compliant with DISA Security and Technical Implementation Guides (STIGs)
- The candidate should be able to clearly and succinctly communicate complex concepts, issues, and status
- DoDI 8570.01-M IAT Level-II Certification or greater (e.g. Security+ CE, CISSP) with at least one supporting CE/OS certificate
Knowledge / Skills / Experience Desired:
- Active/Current TS clearance with the ability to maintain required level
Knowledge of the following is a plus:
- VMWare systems administration and installing and configuring VMware
- CISCO and Juniper firewall installation, configuration and administration
- Experience with Information Assurance policies and procedures and the ability to apply IA requirements to an existing system
- Knowledge of XML
- Experience implementing DoD and Federal IA Certification and Accreditation Processes, assessing and validating compliance with IA controls and developing and maintaining associated certification and accreditation documentation
- Familiar with NIST Risk Management Framework as described in NIST Special Publication 800-37
- Experience working U.S. Government contract proposals as an Information Assurance/ Information Security Engineering subject matter expert
- Self-starter requiring limited direction and supervision
Bachelor?s degree in Engineering/Technical discipline and at least 6 years applicable experience & professional certifications mandatory (Advanced degree and at least 4 years? experience); applicable years of experience considered in lieu of degree.
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.