Tetrad Digital Integrity LLC

  • Information System Security Engineer

    Job Locations US-DC-Washington DC
    Posted Date 3 weeks ago(5/30/2018 12:49 PM)
    # of Openings
    Information Technology
  • Overview

    TDI is seeking an Information System Security Engineer (ISSE) that will be responsible for interfacing with customers and leading other TDI team members to develop system security plans and their associated appendices. They will be responsible for performing security assessments to ensure compliance with internal policies, controls, and standards, as well as client and regulatory security requirements. These assessments include evaluating technological, operational, management and privacy controls in order to evaluate the design and implementation of security controls. The individual will be responsible for risk and compliance management and reporting to include risk assessments, system security plans, security assessment reports, vulnerability assessments, and POA&M management. They will also be responsible for developing authorization packages for new systems requiring assessment and authorization. This will include developing and implementing continuous monitoring strategies.

    The desired candidate will also have experience conducting technical assessments to identify vulnerabilities and providing recommendations for remediation. Technical assessments include utilizing vulnerability scanning tools, performing penetration testing and conducting web application assessments.  


    • Utilize the NIST Risk Management Framework (RMF) to develop comprehensive security packages, conduct assessments of information security controls in order to measure the effectiveness of controls and identify control gaps
    • Ensure compliance to guidance, standards and regulations such as NIST Special Publications, FIPS, FedRAMP, PCI-DSS, HIPAA, HITRUST and other federal regulations and policies
    • Prepare System Security Plans, Security Authorization Packages, including documentation such as Authorization Official Out-briefs, Security Authorization Recommendations, Plan of Action and Milestones (POA&M) and Security Authorizations memorandums
    • Knowledge and experience with supporting and/or implementing many of the following technologies and processes: Vulnerability & Patch Management, Endpoint Protection, Firewalls (Network and/or Endpoint), Web Proxies, Load Balancer and Web Application Firewalls, Security Information and Event Management (SIEM), Data Loss Prevention, Network monitoring and mapping, and Incident Response Processes and Tools
    • Knowledge and experience in creating and maintaining minimum security configuration baselines for Windows and Linux platforms and applications (i.e., Minimum Benchmarks: CIS, DISA STIGS)
    • Knowledge and experience with cloud security implementation and assessment
    • Knowledge and experience with penetration testing and/or web application assessments are a plus



    • Bachelor’s degree in cyber security, information assurance, computer science, information technology or related major/experience.
    • Minimum five (5) years of work experience performing security analyst and/or engineering related functions
    • Ability to multi-task in a deadline oriented environment
    • Ability to manage tasks or projects through completion with very little supervision or oversight
    • Ability to work well independently with little input and as a part of a team
    • Ability to direct or lead others in a team environment
    • Ability to develop and present briefings to the customer and/or company leadership
    • Ability to obtain and maintain Public Trust Clearance
    • CISSP certification is desired, other cyber security related or vendor certifications are a plus


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed