Are you looking to make an immediate impact where you can help our clients solve their business challenges? Deloitte's Core Business Operations (CBO) portfolio operates at the center of our client's business. By joining our team, you could help C-suite and program leaders transform their organization and accelerate mission execution through emerging and disruptive technologies, innovative business models, retooled program operations and industry-driven solutions.
Work you'll do:
The team provides cybersecurity policy, reviewing A&A artifacts, performing A&A validation, implementation of security postures, subject matter expertise in cybersecurity life cycle management, coordination, implementation, and sustainment of A&A. In addition, the team supports engineering and design services, testing, monitoring, troubleshooting, consultation, performance of analysis to ensure security controls are implemented, integrate new technology with IT security standards, technical writing, governance, and policy development/management required to develop, evaluate Information Assurance Assessment and Authorization (A&A) for servers and systems, and validation for systems.
Deloitte is seeking a dedicated Information System Security Engineer (ISSE) to provide cybersecurity support. This candidate will provide Cybersecurity/Information Assurance Support Services, which includes DoD Information Assurance Certification & Accreditation Process (DIACAP) and Risk Management Framework (RMF) services. The scope of these services includes cybersecurity policy, reviewing Assurance Assessment and Authorization (A&A) artifacts, performing A&A validation, implementation of security postures, Subject Matter Expertise in cybersecurity life cycle management, coordination, implementation, and sustainment of A&A.
What You'll Do:
- Satisfy DoD cybersecurity requirements including CYBERSAFE, Clinger-Cohen Act compliance, IA Strategy development, System Security Accreditation Agreement (SSAA) development with supporting appendices, Certification Test and Evaluation, Security Test and Evaluation, and risk mitigation.
- Conduct independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the security controls.
- Maintain and or develop information systems assurance and A&A accreditation documentation.
- Ensure information systems are operated, used, maintained, and disposed of in accordance with security policies and required by the authorization package .
- Validate the confidentiality, integrity and availability of systems, networks, and data in accordance with information systems programs, policies, procedures and goals.
- Develop procedures to ensure information systems reliability and accessibility; prevent and defend against unauthorized systems, network and data.
- Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks protection needs; conduct systems security evaluation, audits, and reviews; determine the residual risk of a package based on content and assessment results and documenting for the Security Controls Assessor's (SCA) and higher-level review.
- Conduct systems security reviews, audits, or evaluations, as appropriate, to ensure accreditation documents are accurate the current risk posture of the system.
- Interpret and implement local information security and higher-level policies.
- Three (3) years of professional experience capturing and refining information security operational and security requirements, and ensuring those requirements are properly addressed through purposeful architecting, design, development, and configuration; and implementing security controls, configuration changes, software/hardware updates/patches, vulnerability scanning, and securing configurations
- An active secret clearance is required.
- Bachelor's degree in systems engineering, computer science, or an equivalent technical degree from an accredited college or university.
- Must be IAT Level II compliant (possess one of the following current certs):
- Cisco CCNA Security
- CompTIA Cybersecurity Analyst (CySA+)
- Global Industrial Cyber Security Professional (GICSP)
- GIAC Security Essentials (GSEC)
- CompTIA Security+
- (ISC)2 Systems Security Certified Practitioner (SSCP)
Deloitte's Government and Public Services (GPS) practice – our people, ideas, technology and outcomes—is designed for impact. Serving federal, state, & local government clients as well as public higher education institutions, our team of over 15,000+ professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise.
The Systems Engineering offering is comprised of experienced professionals who help guide clients through their most complex technology challenges. This can include the delivery of large scale software applications & integrated systems, the development of service-oriented architecture (SOA) and other integrations solutions, and the delivery of technology enablement to support CIO services transformation. Our Systems Engineering offering focuses on key client issues that impact the core business, provide operational value, drive down the cost of quality, and enhance technology innovation.
How you'll grow
At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.
From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.Benefits
At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.Our people and culture
Our diverse, equitable, and inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our client most complex challenges. This makes Deloitte one of the most rewarding places to work. Learn more about our inclusive culture.Professional development
From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Learn more about our commitment to developing our people.
As used in this posting, "Deloitte" means Deloitte Consulting LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Deloitte will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws. See notices of various ban-the-box laws where available.
Requisition code: 40369
Apply on company website