Noblis is helping FAA manage large and complex telecommunications and information management programs that use state of the art technologies to deliver enterprise infrastructure services essential to the safe and efficient operation of the largest, safest, and most complex aviation system in the world. We are seeking smart, passionate, and motivated people to join our proven team in a challenging and rewarding work environment where you will be actively engaged at the intersection of technology and operations enhancing our nation's aviation system. If you want to be involved in acquiring, implementing and managing the communications and information solutions to achieve our nation's aviation vision, this is the job for you! This Security Engineering position supports the FAA Cloud Services (FCS) Program, focusing on enterprise-wide systems security engineering, systems security requirements, systems security architecture and systems security solution implementation assessments for FAA Mission Support (MS) and the National Airspace System (NAS) Programs connected through the FAA's Federal Telecommunications Infrastructure (FTI) network. This position will: * Serve on a cloud program team providing technical direction, reviewing technical work products, tracking performance, and ensuring compliance with contract requirements in the area of telecommunications service solutions with hybrid system and cloud computing security architectures; * Provide expertise in developing, coordinating and ensuring the delivery of enterprise level security engineering solutions are provided to all FAA application owners/customers and programs for systems, telecommunications, cloud computing and Service Oriented Architecture (SOA) solutions; * Conduct security assessments and recommendations on cloud services and application migrations in response to FCS Prime Contractor and applications migrating to the cloud; * Provide systems security technical assessments/recommendations on the FAA's FTI WAN connectivity authentication and authorization services in accordance with FAA Boundary Protection Policies. * Provide requirements and architecture assessments including functional allocation to Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS) in the core backbone network, access networks and boundary protection NESGs. * Functional security assessments including allocations to application/network firewalls, Web application gateways, virus protection, protocol scanning capabilities and DMZs in cloud environments; * Assess logical and physical network architecture to ensure FAA Programs networking internally and across domain communications ensure adequate security separation for the FAA, NAS, MS Domains; * Ensure FCS system security requirements are infused into architecture and new system integration concept of operation (CONOPS) assessments, coordinating security compliance of system requirements for future MS and NAS applications and associated implementation alternatives using NAS and Non-NAS telecommunications, networking and boundary protection infrastructure; * Analyze and document results of current FAA EA and NAS EA environment to identify infrastructure security gaps and vulnerabilities and recommending solutions to improvement the \"as-is\" FAA architecture in relation to the NAS and Non-NAS requirements. * Apply Federal Enterprise Architecture (FEA) and FAA EA architecture life-cycle standards and policies to plan, research, design, and implement elements of FAA's Cloud Services (FCS) concepts to improve the \"to-be\" FAA cloud and security architecture solution in relation to the NAS and Non-NAS requirements. * Collaborate in the development of policies, guidance and procedures are consistently applied NAS and Non-NAS security measures to systems, telecommunications, cloud, data security / consumer/ distribution taxonomies, boundary protection capabilities in accordance with AODR (Authorizing Official Designated Representative), FAA EA and NAS EA. Qualifications Required Qualifications -- * Bachelor of science (Information Systems Security Engineering (ISSE), Systems Security Engineering, Security Architecture Engineer, System Security Architecture Management or related field) and at least 6 years of related experience in the field of telecommunications, system engineering and security architecture requirements, including technology insertion, policy compliance, and operations. * One or more of the following industry standard Information Security Certifications such as: CISSP: Certified Information Systems Security Professional; CISM: Certified Information Security Manager; GCIH: GIAC Certified Incident Handler; OSCP: Offensive Security Certified Professional or related certifications. * Experience in translating NIST 800-53 controls into solutions and operational procedures * Experience in government security authorizations (i.e. FedRAMP) audited under a 3PAO * Familiarization of CSPs CIS (Control Implementation Summary) and CRMs (Customer Responsibility Matrix) for the CSP services * Working knowledge of the Federal Risk Management Framework (RMF) and NIST Security Engineering Standards as well as Agency Security Engineering policies and guidance. * Demonstrated knowledge and expertise integrating customer security engineering requirements and needs into Agency's telecommunications services and support technical contract deliverables. * Consistent work experience in delivering system security engineering and security architecture services requiring direct knowledge of Agency security engineering and architecture engineering requirements, preferably related to FAA FTI systems implementation. * Ability to analyze project, program and portfolio needs, as well as determine resources needed to meet objectives and solve problems that involve remote and elusive symptoms, often spanning multiple environments in a business area, preferably in FAA and/or FTI systems environment. * Proficiency in systems security engineering techniques such as portfolio analysis, analysis of alternatives, and architecture modeling to support governance activities. * Proficiency in various security-engineering disciplines associated with Application, Data, Security and Data Center and Cloud Computing Infrastructure. * Proficiency in Systems engineering techniques such as portfolio analysis, analysis of alternatives, and architecture modeling to support EA governance activities. * Demonstrated cross-functional team leadership and strategic planning skills. * Strong professional and interpersonal skills * Experience in providing recommendations and associated configuration over cloud services (AWS and Azure currently) offers to modernize the technical aspects of security through automation. * Experience in working with cloud automation in a DevOps culture. Preferred Qualifications * Relevant work experience in the areas of Information Systems Security employed by Federal Agencies * Working knowledge and application of FAA systems architecture security policies and standards * Demonstrated proficiency in IT governance, SDLC, FEAF Architecture Framework * Proficiency with the Federal Enterprise Architecture Security and Privacy Profile (FEA-SPP) - highly preferred * Proficiency in business process modeling and re-engineering program requirements Overview Noblis and our wholly owned subsidiary, Noblis ESI, are solving difficult problems that help our government and our country. We bring the best of scientific thought, management, and engineering expertise with a reputation for independence and objectivity. We support a wide range of government and industry clients in the areas of national security, intelligence, transportation, healthcare, environmental sustainability, and enterprise engineering. Learn more at Noblis -About Us Why work at a Noblis company? Our employees find greater meaning in their work and balance the other things in life that matter to them. Our people are our greatest asset. They are exceptionally skilled, knowledgeable, team-oriented, and mission-driven individuals who want to do work that matters and benefits the public. Noblis has won numerous workplace awards. Noblis maintains a drug-free workplace and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race. -- Posted Date: Requisition # Job Category: Training Development Public Trust Associated topics: identity, iam, idm, information assurance, information security, leak, phish, protect, security analyst, security engineer
* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.