Scientist, Information Security Systems Engineer

Job Title: Scientist, Information Systems Security Engineer

Job Code: 37365

Job Location: Melbourne, FL

Job Schedule: 9/80: Employees work 9 out of every 14 days – totaling 80 hours worked – and have every other Friday off

Job Description:

L3Harris Technologies is seeking an Information System Security Engineer (ISSE) to join the Mission Networks Sector in the Frontend Engineering team. This role will primarily support surveillance related programs and pursuits in the Surveillance & Automation Solutions Division. The ISSE will partner with Strategy & Business Development (S&BD) and Engineering teams to architect cybersecurity solutions for new business pursuits and provide guidance and oversight of information system security operations for existing programs. The ISSE will shape solutions that support Cloud deployments, leverage AI technologies in safety critical systems, and operate in FedRAMP High environments.

Essential Functions:

• Create, implement and commission cloud capable and on-premise security platforms in a variety of environments (e.g. PaaS, Iaas, SaaS, and SECaaS) to meet US government customer specified requirements for existing systems and new customers.


• Directs information security engineering activities within the enterprise pertaining to CDRL documents, trade studies, security control requirements analysis, secure architecture development, management & compliance with security controls, design review milestones and security control test/verification activities.


• Provide vision and innovative strategies to customers and program leaders for cloud capable solutions for growth and sustainment of technical capability, service performance, reputation and market share for our new and emerging lines of business within the enterprise.


• Provide guidance and oversight to the development and delivery of  documentation and processes that support government auditing and authorization of cloud-based security architectures to meet tailored NIST control requirements.


• Provide thought leadership to evaluate security requirements for proposals (e.g. RFP, RFI), collaborate with S&BD and Engineering to incorporate security into proposal solutions including authoring security responses in technical volumes and provide guidance for research projects (R&D) to grow the business.


• Ability to obtain an FAA Public Trust or DoD Clearance.

Qualifications:

• Bachelor’s Degree and a minimum of 12 years of prior relevant experience. Graduate Degree and a minimum of 10 years of prior related experience. In lieu of a degree, minimum of 16 years of prior related experience.

Preferred Additional Skills:

• Current or previous ISSE/ISSM/ISSO experience.


• FAA Domain experience; DoD IS knowledge/experience.


• 7 years’ experience designing, implementing and operating security controls for cloud-hosted applications or infrastructure.


• 5 years’ experience operating security architectures for cloud-based applications hosted by commercial cloud service providers, such as Amazon AWS or MS Azure.


• 5 years’ experience in the application and compliance of customer tailored NIST controls and policies for cloud services in a variety of architectures, including e.g. IaaS, PaaS, or SaaS.


• Detailed understanding of the Risk Management Framework (RMF), NIST, FISMA, and FIPS.


• Experience and understanding of bid and proposal generation for government contracts to meet the customer security requirements.


• Familiarity with network technologies (LAN & WAN) and best practices.


• Working knowledge with Microsoft Windows operating systems (workstation & server), Linux, and system virtualization (multiple hypervisors) in a secure network environment.


• Experience with compliance scanning tools (e.g. Nessus) and vulnerability scanning tools (e.g. Splunk).


• CCSP, CISSP or CISM certification.


• Excellent oral and written communication skills will be essential when interacting with customer, industry and company leaders.


• Member of committees or panel groups within the cloud security industry or associations.


• Experience publishing papers or articles expressing technical insight, innovation or thought on cloud security topics or initiatives within industry.

#Li-DK2