About the Department
The Information Assurance Security Engineering team is dedicated to providing value to DigitalGlobe by enhancing Information Security for government programs. We have two key focus areas; ICD-503 A&A Projects and next generation (P20/20) security engineering. The DigitalGlobe Information Assurance Security Engineering team is currently developing and implementing ICD-503 A&A programs strategies to ensure and maintain Authorization to Operate government accredited information systems. A&A programs that efficiently measure real risk vs mandated compliance is critical to enabling systems security that is effective in ensuring confidentiality, integrity, and availability.

About Security Engineering
This professional coordinates across DG departments to help ensure that security and compliance needs are met across accredited systems

This person will work with user, system administrator, and application owners in the implementation of an information security strategy, designed to provide a high level of security over data processing resources while preserving system usability of government accredited systems. This professional must be able to develop and implement flexible security solutions that meet the needs of a hybrid government/commercial business environment. The individual must be a results-oriented person who can achieve tangible improvements in the System Accreditation arena. Excellent technical and communications skills are a must.

Duties & Responsibilities

• Support system accreditation activities, including the creation of implementation and test plans
• Responsible for implementing, and monitoring security solutions that ensure the integrity, confidentiality, and availability of information and accredited systems
• Support the development and implementation of policies, standards and guidelines related to information security and compliance
• Manage the implementation and maintenance of key security technologies and processes including identity and access management, vulnerability assessment and penetration testing of software and hardware, configuration management and change detection, and security event management
• Assist in the review of applications and/or technology environments during the development or acquisitions process to assure compliance with corporate security policies and directions

Required Skills and Experience

• Minimum of 2 to 4 years of security experience working in a medium to high complexity production environment.
• United States Citizenship
• Existing security clearance (TOP SECRET) is required and the ability to obtain SCI accesses
• Bachelor of Science in Computer Science or related degree or equivalent experience
• Experience with ICD 503, DCID 6/3, NISPOM and related US Government standards and requirements
• CISSP, CISSP-ISSAP, or CISSP-ISSEP certification meeting DoD 8570/8140 IASAE I,II,III requirements
• Experience with Security Controls implementation for System Accreditation.

Preferred Skills

• Ability to multitask and prioritize projects, appropriately manage expectations, make difficult judgment calls and communicate complex issues in an easy to understand format.
• Knowledge of Unix and Windows authentication, authorization, privilege escalation mechanisms, access control, and auditing/logging procedures
• Knowledge of network administration and security practices and procedures, including routine network auditing
• Knowledge of key security technologies including vulnerability ACAS, ArcSight, HBSS, Tripwire.
• Ability to prepare multiple types of documentation, policies, guides, communications, presentations, etc.
• Must have excellent verbal and written communication skills
• Must possess strong analytical skills, flexibility, and be able to work in a team environment