Raytheon Intelligence, Information and Services is looking for Talented Information Systems Security Engineer (ISSE) to join our engineering team in support of the U.S. Air Force North American Aerospace Defense Command (NORAD) Cheyenne Mountain Complex Integrated Tactical Warning/Attack Assessment (NCMC-ITW/AA) Sustained Support Contract (NISSC) in Colorado Springs, Colorado.
Want to join a company that Stands Out among their competitors? At Raytheon, We Stand Out for a lot of reasons – and our employees are behind every one of them. Click here to find out what they have to say about the work we do and who we do it:
As a Information Systems Security Engineer (ISSE), you will perform systems security engineering in support of new systems fielding’s and upgrades to legacy space and ITW/AA programs in the Raytheon Consolidated Engineering Laboratory (RCEL) in Raytheon’s Colorado Springs, CO facility and/or the Test Development Facility (TDF) located at Peterson AFB CO and NISSC operational locations.
• Analysis of cyber requirements and potential design solutions, providing guidance and direction related to security technologies, performing analysis on cybersecurity collected data and test results, identifying and implementing cybersecurity design, and preparing and maintaining engineering and security related documentation.
• Performing and providing vulnerability assessment results and recommendations to the NISSC Program Engineer, Program Protection Lead and/or Systems Security and Accreditation section as necessary
• Assessing known systems vulnerabilities and verifying system hardening and patching activities to ensure compliance with the most current applicable Security Technical Implementation Guides (STIGs)/Security Requirements Guides (SRGs) and related checklists
• Document, implement and prioritize patching requirements across the organizational enterprise
• Develop scripts to automate the system installation of required patches and configurations to remediated identified system vulnerabilities
• Responsible for the development and testing of patches to fix vulnerabilities in Windows, RHEL and Solaris operating systems and associated applications
• Assist in conducting cybersecurity audits to ensure appropriate implementation and compliance of the security posture
• Performing systems security engineering and test efforts associated with implementation of security controls on networking devices, databases, operating systems, hardware and software components
• Developing vulnerability reports and investigating impact, resolution and verification of security vulnerabilities and patches as well as performing deep dive and impact analysis into failed patch deployments
• Provide regular reporting on patch management program and overall operation status of patch compliance
• Ability to support periodic travel (less than 5%)
Clearance Requirement: Must be a U.S. CITIZEN with an Active Secret clearance with the ability to obtain a Top Secret clearance
Required Experience, Knowledge and/or Skills:
• Bachelor degree and at least 6 years demonstrated related engineering experience
• Previous experience with cyber requirements analysis, rendering of cyber solutions/architectures, and associated planning and implementation support
• Experience creating, installing, and testing vulnerability fixes to Windows and Unix/Linux platforms
• Experience with Linux and Windows system administration including installing and configuring systems from the OS level up
• Familiarity with RHEL, Unix Scripting, and Windows PowerShell is required
• Experience with scripting languages (developing, debugging and maintaining)
• Experience developing secure applications that are compliant with DISA Security and Technical Implementation Guides (STIGs)
• The candidate should be able to clearly and succinctly communicate complex concepts, issues, and status
• DoDI 8570.01-M IAT Level-II Certification or greater (e.g. Security+ CE, CISSP) with at least one supporting CE/OS certificate
• Self-starter requiring limited direction and supervision
Desired Experience, Knowledge and/or Skills:
• Knowledge of the following is a plus:
• VMWare systems administration and installing and configuring VMware
• CISCO and Juniper firewall installation, configuration and administration
• Experience with Information Assurance policies and procedures and the ability to apply IA requirements to an existing system
• Knowledge of XML
• Experience implementing DoD and Federal IA Certification and Accreditation Processes, assessing and validating compliance with IA controls and developing and maintaining associated certification and accreditation documentation
• Familiar with NIST Risk Management Framework as described in NIST Special Publication 800-37
• Experience working U.S. Government contract proposals as an Information Assurance/ Information Security Engineering subject matter expert
• Previous experience with design/implementation of Cloud-based solutions (Gov Cloud, AWS, Azure, etc.) and familiarization with application of FEDRAMP Common Control Criteria highly desired
• Previous experience with the creation of vulnerability testing processes and security breach mitigation tactics
• Previous experience/familiarity with TDM and TCP/IP network protocols, application layer protocols (e.g., HTTP, SMTP, DNS, etc.), and tactics, techniques and procedures for application and parsing of network protocols
• Previous experience with the design/implementation, review and assessment of firewall, intrusion detection/intrusion prevention, SIEM, VPN, SSL, application controls, Antivirus, and other network component policies
Bachelor degree in Science, Technology, Engineering or Mathematics (STEM).
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.