Principal Engineer - Systems Design

Job Description
Job Description:
- Designing, developing, implementing, and/or integrating IA and security systems and system components, including those for networking, computing, and enclave environments such as those with multiple enclaves and with differing data protection and classification requirements
- Building IA into systems deployed to operational environments
- Assisting architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions
- Supporting the building of security architectures
- Enforcing the design and implementation of trusted relations among external systems and architectures
- Assessing and mitigating system security threats and risks throughout the program life cycle
- Contributing to the security planning, assessment, risk analysis, risk management, and certification and awareness activities for system and networking operations
- Reviewing certification and accreditation (C&
A) documentation and providing feedback on completeness and compliance of its content
Applying system security engineering expertise in one or more of the following:
- System security design process
- Engineering life cycle
- Information domain
- Cross domain solutions
- Commercial off-the-shelf (COTS) and Government off-the-shelf (GOTS)
- Cryptography
- Identification
- Authentication and authorization (A&
A)
- System integration
- Risk management
- Intrusion detection
- Contingency planning
- Incident handling
- Configuration control
- Change management
- Auditing
- Certification and accreditation (C&
A) process
- Principles of IA (confidentiality, integrity, non-repudiation, availability, and access control)
- Security testing
- Participating as a security engineering representative on engineering teams for the design, development, implementation and/or integration of IA architectures, systems, or system components
- Applying knowledge of IA policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments
- Interacting with the customer and other project team members
- Supporting the Government in the enforcement of the design and implementation of trusted relationships among external systems and architectures
- Providing and supporting security planning, assessment, risk analysis, and risk management
- Identifying overall security requirements for the proper handling of Government data
- Recommending system-level solutions to resolve security requirements
- Supporting security authorization activities in compliance with the NSA/CSS Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF), the NIST Risk Management Framework (RMF) process, and prescribed NSA/CSS business processes for security engineering, to include ATO submissions.