NAS Information System Security Engineer

LS Technologies is currently seeking a NAS Information System Security Engineer (NAS Engineer) to support to the Federal Aviation Administration (FAA) Cybersecurity Engineering Team. The NAS Engineer must have extensive engineering experience within various network topologies and concepts and should have extensive knowledge working with National Institute of Standards and Technology (NIST), Federal Information Processing Standard (FIPS), and Risk Management Framework (RMF) authorization process.

Responsibilities:

• Responsible for developing the security risk posture of Federal Aviation Administration (FAA) Air Traffic Organization (ATO) and enterprise assets by analyzing security/vulnerability assessment reports based on system-specific and common security controls.
• Provide support to System Owners (SO) and System Security Officers (SSO) through technical analysis of security requirements.
• Review security documentation to include Security Characterization Documents (SCD), System Security Plans (SSP), and System Contingency Plans (SCP)
• Provide support for incident response exercises and operational assessments based on Common Vulnerability and Exposure (CVE) records.

Requirements:

• Bachelor's Degree in Computer Science, Computer Engineering, Information, or Cyber security/Information Assurance
• Experience with RMF processes, FIPS Publication 199 and NIST 800-53 Rev 4 (control)

• Must possess a solid foundation in working with system and software architectures for complex aerospace and/or communications systems.
• Ability to apply system security engineering techniques to solve and mitigate cyber vulnerabilities.
• Experience in design, maintenance, and operation of large enterprise sized networks
• Work cooperatively with team members and perform specialized tasks and projects with a high degree of independence.
• Strong written and verbal communication skills, including presentations skills.
• Ability to document and/or present ideas and findings to facilitate management decisions.
• Ability to develop new ideas and techniques that advance the state of the practice for cybersecurity.

• Preferred Experience with FAA National Airspace System (NAS) requirements and systems engineering.

Preferred Experience

Cybersecurity

• Certified Information Systems Security Professional (CISSP); Or combination of Security+ CE; Certified Cloud Security Practitioner (CCSP); SANS GIAC Security Essentials (GSEC); Systems Security Certified Practitioner (SSCP)

• Comprehensive understanding of cybersecurity frameworks such as NIST Cybersecurity Framework (CSF), NIST Risk Management Framework (RMF), and International Organization Standardization/International Electrotechnical Commission (ISO/IEC) 27001 Information Security Management

• Enterprise Security, Information Assurance, Cybersecurity and cryptography encryption concepts, Web security, Cyber Risk Analysis, Risk management, Reducing Cyber Risk, Vulnerability management/remediation
• Security Information and Event Management (SIEM): Splunk, ArcSight, Syslog/Rsyslog.

Network and Computer Systems Administration:

• Network Administration: Network Routers and Switches, Firewalls, VPN, Load Balancers, Network Segmentation Devices
• Systems Administration: Virtual Machines (VM) - VMWare, Citrix, Nutanix, Active Directory (AD), DNS, and backup and restoration.
• Operating Systems: Linux (RHEL, CentOS, Ubuntu), Windows, etc.

Clearance Level Required

Minimum, Secret

Travel

• 0-20%

LS Technologies, LLC provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

COVID Policy: Prospective and/or new employees will be required to have a vaccination attestation. Any vaccination requirements will follow local, state and federal law. Customer site vaccination requirements, if more strict, will take precedence over LST's vaccination policy.