IA Security Engineer Sr - 3300

We are seeking an experienced Cyber-Security Engineer to lead and execute cybersecurity compliance, system lockdown, and patch management initiatives. The ideal candidate will have extensive experience with the Risk Management Framework (RMF), including hands-on use of Nessus/Tenable Security Center, SCAP, and STIGs for secure system configurations. This role requires a deep understanding of vulnerability assessment, security controls enforcement, system patching, and comprehensive documentation to support Authorization to Operate (ATO) processes.

Clearance: Secret Required

Location: Remote with frequent travel to El Paso, TX (Ft. Bliss)

Travel:  up to 30%

Key Responsibilities:

• Lead all cybersecurity, integration, and compliance activities.  Provide oversight for all Cybersecurity matters relating to Network, Wireless, CCTV, VTC, Endpoints, and other IT equipment within the boundary.
• Provide full Authority to Operate (ATO) support: SSP, risk assessment, ST&E, CONMON, and documentation.
• Ensure Adherence to:
  • DHS 4300A Sensitive Systems Policy
  • NIST 800-53 Rev. 5
  • FISMA & ICE-specific governance policies
  • Assignment of a Privacy Lead responsible for all PIA, PTA, and SORN documentation and collaboration with the ICE Privacy Unit.
• Oversee and conduct system lockdowns, hardening activities, patch management, and security configurations in accordance with STIG requirements.
• Perform and interpret advanced vulnerability assessments using scanning tools, identifying risks and implementing mitigation strategies.
• Utilize SCAP tools for automated compliance validation, patching, and security control enforcement.
• Develop and enforce security policies, procedures, and technical controls for classified and unclassified environments.
• Implement and oversee patch management strategies to ensure systems remain updated and secure.
• Manage RMF documentation, including System Security Plans (SSP), Risk Assessment Reports, and Plan of Action and Milestones (POA&Ms).
• Provide direct support for system accreditation efforts, security control assessments, and continuous monitoring activities.
• Collaborate with project management, system administrators, and other stakeholders to enhance security postures.
• Serve as a subject matter expert (SME) in vulnerability management, security architecture, risk mitigation strategies, and patch management.
• Monitor and analyze evolving cybersecurity threats, proposing proactive security enhancements.