Information System Security Engineer (ISSE)

• Execute the Assessment & Authorization (A&A) process in accordance with government requirements
• Conduct technical evaluation of information systems design and information security aspects and accreditation
• Perform vulnerability assessments using standardized tools (e.g., Nessus, DISA STIGs) and implement configuration updates as required
• Prepare comprehensive security assessment testing documentation to validate applied security controls in support of A&A testing
• Assess and mitigate system security threats, risks, and vulnerabilities throughout the program life cycle
• Participate as a member of a security engineering team designing, developing, implementing, evaluating, and/or integrating security architectures, systems, or components
• Assist customer staff in resolving operational security issues involving vendors who support the program
• Maintain the program’s operational security posture

• Active Secret

• Bachelor’s degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline
• 5+ years of experience in IT security and/or information assurance
• Knowledge and experience in information systems security
• Knowledge of security system design tools, methods, and techniques
• Ability to harden containers for DoD use
• Experience applying STIGS
• Working knowledge of Assured Compliance Assessment Solution (ACAS) and other container scanners such as Trivy, Twistlock, or Palo Alto
• Ability to develop best practices for processes and standards that will improve the system
• Working knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption)
• Knowledge of network access, identity, and access management (e.g., PKI)
• Knowledge of DoD/IC system security control requirements
• Knowledge and experience with eMASS
• Knowledge of continuous monitoring practices
• Strong technical skills and analytic ability

• Any certifications relevant to system and cyber security
• Experience using the XACTA application
• Experience with Common security tools such as Nessus, WASSP, SECSCN, and/or MBSA
• Familiarity with the Joint Special Access Program (SAP) Implementation Guide (JSIG)
• Familiar with the operations of a Special Access Program Facility (SAPF)
• Experience with task management, metrics collection, and status reporting to management
• Proficient with Google Cloud Platform (GCP) technology
• Demonstrated knowledge/experience in the areas of resource allocation, workload management, and contract management

Hamdan Resources, LLC is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer (EEO/AA), making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship and/or authorization to work within the U.S.is required for most positions.