Trace Systems

Returning Candidate?

Information Systems Security Engineer

Information Systems Security Engineer

Job ID 
# of Openings 
Job Locations 
Posted Date 

More information about this job


Trace Systemsheadquartered in Vienna, Virginia, was founded in 1999 to support and defend our nation's security interests at home and abroad–– whenever and wherever. We provide cybersecurity, intelligence, communications, networking and information technology services, systems, and solutions to the United States Department of Defense, Intelligence Community and Department of Homeland Security.  This opportunity will be directly supported from our local Operations office located in Tampa, Florida.



Job Title:  Information Systems Security Engineer


Job Location:  Tampa, Florida


Security Clearance:  TS w/SCI Eligibility.

Job Responsibilities

  • Document changes to systems and checklists.
  • Assist with developing and maintaining system policies and procedures for network security, virus protection, user accounts, maintenance and utilization.
  • Engineer and implement security solutions.
  • Provide remediation of vulnerabilities identified on infrastructure devices.
  • Analyze information assurance-related technical problems and provide engineering support in solving these problems.
  • Ensure compliance with DoD guidance, regulations, and instructions as they pertaining to the unit's systems/networks.
  • Properly notify the government when changes to DoD guidance, regulations, and instructions impact the unit's systems/networks.
  • Perform vulnerability and risk analyses of computer systems and applications during all phases of the system development life 
  • Provide technical support to the IA Cell to develop and maintain customer IA processes and procedures regarding the customer's computer network defense in-depth protection for the customer enterprise.
  • Perform and support updates to and maintenance of the POA&Ms for the customer Enterprise.
  • Support to development of RMF Security Plans.
  • Assist with developing and maintaining system policies and procedures for network security, virus protection, user accounts, maintenance and utilization.
  • Document changes to systems and all required checklists for use within the customer Enterprise.
  • Ensure that customer networks and systems maintain security certification, accreditation and authority to operate if they are modified to meet operational requirements.
  • Coordinate with the customer and external organizations, agencies and activities to support resolution of security issues, accreditation and connection approval and waiver requests.
  • Recommend connection approval, disapproval or modification based on security risks and system vulnerabilities.
  • Recommend network configuration, policy, training, operational or other changes/updates based on assessed risks.
  • Develop and review Security Test and Evaluation plans as required.
  • Review the customer Enterprise architecture to ensure compliance with DoD guidance and direction.
  • Perform network security planning and engineering to include review of network topology and architecture plans, review of security device configuration changes, and review the risks associated with new technologies or products proposed for integration into the customer Enterprise network.
  • Implementation DoD information assurance security guidelines for all hardware and software to ensure proper security for the customer Enterprise. Implementation actions include but are not limited to STIGs, compliant patch implementation/management, Information Assurance Vulnerability Assessments (IAVA) compliance, integration/ implementation of network or firewall approved devices, and react appropriately to cyber threats.
  • Must have knowledge of SCAP-compliant tools such as ACAS and RMF to assist with IA recommendations on security posture for the customer Enterprise.
  • Conduct risk & vulnerability assessments of the customer information systems to identify associated vulnerabilities, risks and protection needs.
  • Evaluates and asses vulnerabilities of network and application server hardware, operating system software, and peripheral network equipment such as routers, bridges, switches, attached cabling system, network interface cards, modems, multiplexers, and concentrators.
  • Evaluates the effectiveness of network firewalls, and other security devices operating on the customer Enterprise.
  • Assists in developing, documenting, and implementing security solutions to correct deficiencies that cannot be fixed with existing solutions.
  • Conduct research of vulnerabilities discovered in operating systems, application software, infrastructure, and network security devices.
  • Analyze network usage, hardware & software capabilities, ineffective practices or procedures, equipment capability and performance limitations, and  other relevant factors to ensure effective security posture including providing recommendations for methods, procedures, coordinates corrective action to optimize utilization of present equipment.
  • Provide command line interface guidance for proper configuration of operating systems and the ability to guide system administrators to secure configuration of operating systems such as Windows, VMWare, Cisco IOS, etc.
  • Implement and integrate IA defense postures to the customer's Enterprise systems and architectures when coordinated or immediately upon being directed to secure reported cyber threats from the appropriate level of authority.
  • Advise and support customer leadership with regards to technical recommendations in IA design, transition, operation, configuration management, continual service improvement, enterprise architecture, and assistance with IA policy and planning for the enterprise architecture, TA requirements, objectives and policies, and IA workforce.
  • Perform other duties as required


Minimum Qualifications

  • Requires current Information Systems Security Engineering Professional (ISSEP) or equivalent; DoD Information Assurance Certification and Accreditation Process (DIACAP)/Risk Management Framework (FMF). Recommends Certified Information Systems Security Professional (ISSP) and GIAC.
  • Requires Bachelor’s Degree in Computer Science field or relevant, and a minimum of eight years’ experience in information systems security;  or a Master’s Degree in Computer Science or a relevant field and a minimum of five years’ experience in information systems security.
  • Shall have knowledge of DoD and Joint Service computer network and communications regulations, services and instructions to ensure computer systems and telecommunications services are in compliance with applicable information assurance regulations and instructions.
  • Shall have documented experience organizing as well as contributing to the A&A of information systems under a National Institute of Standards and Technology (NIST) compliant RMF.
  • Shall have experience using Security Content Automation Protocol (SCAP) compliant automated vulnerability tools and assessment results to identify vulnerabilities and verify system hardening.
  • Shall have familiarity with RMF, extensive experience preparing, reviewing relevant artifacts to include but not limited to System Security Plan (SSP), Connection Termination Point (CTP), Secure Content and Threat Management (SCTM), Security Architectures, Plan of Actions and Milestones (POA&M), RAR, and etc.
  • Shall have a strong ability to effectively communicate technical and administrative information both orally and in writing.
  • Shall have familiarity with risk management framework and its rules & regulations.
  • Must be a US Citizen

Security Clearance

  • TS w/SCI Eligibility.


To Apply: We invite you to put your talents to work by joining a growing team of dynamic professionals here at Trace Systems! Be part of a culture at our leading edge company where you can achieve great things while fostering a satisfying and rewarding career progression. Please apply directly through the website at:      #jointracesystems


For any additional questions or to submit any referrals, please contact

Trace Systems is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Connect With Us!

Not ready to apply? Connect with us for general consideration.