• Location: Denver, Colorado
  • Type: Contract
  • Job #2185

Title: Information Systems Security Engineer (ISSE)
Clearance: Active Secret needed to apply
Location: Denver, CO


Company Overview:

Cornerstone Defense, in partnership with our military, intelligence, and civil government customers, supports U.S. operations worldwide through the use of many different types of intelligence, satellite, and cyber technologies. Cornerstone’s Intelligence Sector provides solutions to the United States Government for information collection, operations, exploitation and dissemination, and research activities. Our Team specializes in software development, cloud architecture, systems and network engineering, systems integration, agile management, as well as targeting operations and intelligence analysis. Our support to our mission customers includes cyber network operations, exploitation and defense, signals intelligence, human intelligence, and critical missions and networks.


• Implement the Risk Management Framework (RMF) process throughout the entire A&A lifecycle of the system(s), supporting all efforts pre- and post-Authority to Operate (ATO) determination

• Assist the ISSM in meeting their duties to support A&A activities and coordinate with system’s Security Controls Assessor (SCA) and Authorizing Official (AO)

• Perform and review technical security assessments of the system(s) to identify points of vulnerability, non-compliance with established cybersecurity standards and regulations, and recommend mitigation strategies to maintain operational security posture for the boundary systems

• Conduct risk analyses from vulnerability, compliance scans, penetration testing results, and/or other audit activities

• Create and maintain Plan of Action and Milestones (POA&Ms), System Security Plans (SSPs), Security Control Traceability Matrices (SCTMs), Standard Operating Procedures (SOPs), Configuration Management Plans, Contingency Plans and Test Result/Security Impact Analyses

• Serve as the primary engineer for the implementation and maintenance of security compliance and monitoring solutions and capabilities deployed within the information system(s)

• Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media

• Conduct continuous monitoring (ConMon) activities for applicable authorization boundaries

• Apply and maintain up-to-date application of Security Technical Implementation Guides (STIGs) to required components of the information systems

• Maintain inventory and asset configuration to include change management documentation

• Ensure that the appropriate operational security posture is maintained for the information system, working in close collaboration with the information system owner and the ISSM

• Notify ISSM when changes occur that might affect the authorization determination of the information system(s)

• Report all security-related concerns and incidents to the ISSM 

Required Qualifications:

• Experience developing and documenting DoD Assessment and Authorization documentation

• 4 – 7 years of ISSO/ISSE experience

• DoD 8570-M – IAT II Certification (CISSP, CAP, Sec+, CCNA Sec, CySA+, GSEC, SSCP, etc.) or ability to receive certification within 6 months of the date of hire

• US Citizenship and an Active Secret clearance or higher

Requirements/Preferred Experience:

• Knowledge of CNSSI 1253, NIST 800 Series (primarily 800-53, 800-53A, 800-171), and DCSA’s DAAPM

• Familiarization with RMF package creation and maintenance artifacts to support A&A decision

• Experience using DISA Security Technical Implementation Guides (STIGs), Security Requirements Guides (SRGs) and Security Content Automation Protocol (SCAP) to audit and securely configure network-enabled devices

• Fundamental knowledge of DISA Enterprise Mission Assurance Support Service (eMASS)

• Familiar with vulnerability tools and audit review tools which include audit log analysis and report generation (Nessus and Splunk experience preferred)

• Experience conducting risk analysis on products and system components through review of CVEs, plugins, CWEs

• Ability to remediate security vulnerabilities by implementing solutions on network devices and applications

• Experience in conducting software due diligence with COTS and GOTS solutions

• Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption)

• Working knowledge of scripting/programming languages (PowerShell, Python, BASH)

• Operational knowledge and experience with switches/routers/firewalls

• Strong communication and documentation skills

• Flexible and able to adapt to a rapidly changing environment

• Positive, self-motivated individual who can complete tasks independently
