DigitalGlobe is a leading provider of commercial high-resolution earth observation and advanced geospatial solutions that help decision makers better understand our changing planet in order to save lives, resources, and time. Sourced from the world’s leading constellation, our imagery solutions deliver unmatched coverage and capacity to meet our customers’ most demanding mission requirements. Each day customers in defense and intelligence, public safety, civil agencies, map making and analysis, environmental monitoring, oil and gas exploration, infrastructure management, navigation technology, and providers of location-based services depend on DigitalGlobe data, information, technology, and expertise to gain actionable insight. DigitalGlobe is a public company listed on the NYSE as DGI, and is headquartered in Westminster, Colorado.

About the Department

The Information Assurance Security Engineering team is dedicated to providing value to DigitalGlobe by enhancing Information Security for government programs. We have two key focus areas; ICD-503 A&A Projects and next generation (P20/20) security engineering. The DigitalGlobe Information Assurance Security Engineering team is currently developing and implementing ICD-503 A&A program strategies to ensure and maintain Authorization to Operate government accredited information systems. A&A programs that efficiently measure real risk vs mandated compliance is critical to enabling systems security that is effective in ensuring confidentiality, integrity, and availability.

Summary

This professional coordinates across DG departments to help ensure that security and compliance needs are met across accredited systems

This person will work with user, system administrator, and application owners in the implementation of an information security strategy, designed to provide a high level of security over data processing resources while preserving system usability of government accredited systems. This professional must be able to develop and implement flexible security solutions that meet the needs of a hybrid government/commercial business environment. The individual must be a results-oriented person who can achieve tangible improvements in the System Accreditation arena. Excellent technical and communications skills are a must.

Duties & Responsibilities

• Support system accreditation activities, including the creation of implementation and test plans
• Responsible for implementing and monitoring security solutions that ensure the integrity, confidentiality, and availability of information and accredited systems
• Support the development and implementation of policies, standards and guidelines related to information security and compliance
• Manage the implementation and maintenance of key security technologies and processes including identity and access management, vulnerability assessment and penetration testing of software and hardware, configuration management and change detection, and security event management
• Assist in the review of applications and/or technology environments during the development or acquisitions process to assure compliance with corporate security policies and directions

  Required Skills

  This position requires a minimum of 5 to 7 years of security experience working in a medium to high complexity production environment.

  • Existing security clearance (SECRET) is required and the ability to obtain SCI accesses
  • Bachelor of Science in Computer Science or related degree or equivalent experience
  • Experience with ICD 503, DCID 6/3, NISPOM and related US Government standards and requirements
  • Experience with implementing security controls for System Accreditation.

    Desired Skills

  • CISSP, CISA, CISM, CEH, or equivalent certification meeting DoD 8570/8140 requirements
  • Knowledge of Unix and Windows authentication, authorization, privilege escalation mechanisms, access control, and auditing/logging procedures
  • Knowledge of network administration and security practices and procedures, including routine network auditing
  • Knowledge of key security technologies including vulnerability ACAS, ArcSight, HBSS, Tripwire.
  • Experience with AWS and OpenStack cloud environments
  • Experience with writing scripts (python, perl, bash)
  • Ability to multitask and prioritize projects, appropriately manage expectations, make difficult judgment calls and communicate complex issues in an easy to understand format.
  • Ability to prepare multiple types of documentation, policies, guides, communications, presentations, etc.
  • Must have excellent verbal and written communication skills
  • Must possess strong analytical skills, flexibility, and be able to work in a team environment

  DigitalGlobe offers a generous compensation package including a competitive salary; choice of medical plan; dental, life, and disability insurance; a 401(K) plan with competitive company match; paid holidays and paid time off.