Information Systems Security Engineer Lead

Please note that this position is contingent upon contract award. This position may be located in Quantico, VA, Hanover, MD or Huntsville, AL. 

• Support all phases of an ISSE program with Information Systems Security Engineering professional (ISSEP) certified personnel adequate to fulfill the requirements of the DOD A&A Process.
• The ISSE Program will use Information Assurance Technical Framework (IATF), DoD 5200.1-M, Common Criteria for IT Security Evaluation (International Organization for Standardization (ISO)/International Electro technical Commission (IEC) 15480, and DOD, Federal and DCSA Cybersecurity Policies as guides.
• Provide input to the DCSA A&A Process including and not limited to: Information Security planning, design, test and analysis.
• Provide research and analysis of Cloud services/platforms, Commercial-Off-The-Shelf (COTS) and, Government-Off-The-Shelf (GOTS), and IA-enabled products as part of the security architecture and ensure products are National Security Telecommunications and Information Systems Security Policy Number 11 (NSTISSP-11) compliant and validated via the NIAP Common Criteria Evaluation and Validation Scheme or NIST Federal Information Processing Standards (FIPS) Cryptographic Module Validation Program (CMVP).
• Develop and provide cyber COTS/GOTS product analysis and testing processes in accordance with applicable DoD Policies.
• Provide cyber support in designing IT System architecture and IT solutions.
• Provide support in cyber requirements definition and validation.
• Analyze cybersecurity business models, IT solutions, trends, and emerging technologies.
• Provide cyber support in the planning and designing of availability, capacity, and service continuity.
• Support the development of long-range cybersecurity strategic plans.
• Support and maintain the DCSA security technical guidelines and framework.
• Assess the quality and viability of existing cyber solution architectures and design integrity.
• Provide Identity, Credential and Access Management ICAM / Axonious support:
  • Manage how users access digital resources and work solution on core functions such as identity lifecycle management, access controls, identity governance, privileged access management, cloud identity and access management, MFA, Single sign-on (SSO), and adaptive authentication.
• Manage centralized directories and integrate same with external directory services like Microsoft Active Directory, Amazon Web Services (AWS), Microsoft Azure, and Microsoft Entra ID.
• Automate workflows for creating, updating and removing digital identities.
  • Create a network-wide, product-agnostic identity fabric that allows the organization to manage identity and access for all apps and assets including legacy applications through a single, authoritative directory.
  • Identify potential security vulnerabilities in ICAM/Zero Trust (ZT) implementation and recommend remediation.
  • Support accurate, scalable and integrated discovery and classification of structured and unstructured data across all environments.
• Support Zero Trust Security by: Engineering cyber compliant solutions that align with DoD/DCSA Cyber reference architecture and guidance.
• Support AI integration into RMF controls for systems Attribute Based Access Control (ABAC), log reviews, emergent capabilities, and align with DoD/DCSA Cyber reference and guidance.
• Ensure Taskers are addressed within the scheduled due dates.
• Report on progress and compliance with associated taskers.
• Provide Identity, Credential and Access Management (ICAM) / Axonius support:
• Manage how users access digital resources and work solution on core functions such as identity lifecycle management, access controls, identity governance, privileged access management, cloud identity and access management, MFA, Single sign-on (SSO), and adaptive authentication.
• Manage centralized directories and integrate same with external directory services like Microsoft Active Directory, Amazon Web Services (AWS), Microsoft Azure, and Microsoft Entra ID.
• Automate workflows for creating, updating and removing digital identities.
• Create a network-wide, product-agnostic identity fabric that allows the organization to manage identity and access for all apps and assets including legacy applications through a single, authoritative directory.
• Identify potential security vulnerabilities in ICAM/Zero Trust (ZT) implementation and recommend remediation.
• Support accurate, scalable and integrated discovery and classification of structured and unstructured data across all environments.

• Bachelor's degree from an accredited university/college
• Must have and maintain an active DoD Top Secret/SCI level clearance
• Minimum 7 years of experience in a similar role
• ISSE Lead is required to meet DoDM 8140/DoDM8570.01-M IASAE III or DoDM 8140/DoDM8570.01-M IAM III, requirements prior to onboarding, Knowledge of Zero Trust principles and target activity (aligned with DoD ZT Reference Architecture)

PCI Federal Services (PCIFS) and its subsidiaries is an equal-opportunity employer. PCIFS does not discriminate on the basis of age, sex, race, national origin, religion, marital status, sexual orientation or identity, Veterans or Disability status.

Preference may be extended to qualified Native American Indian candidates

in accordance with applicable federal law.