Information System Security Engineer - L2

Crystal Management - Colorado Springs, CO2.8

Full-time | TemporaryEstimated: $83,000 - $110,000 a year

Since 2005, Crystal Management provides information technology IT infrastructure, systems integration, cybersecurity, facility design and transition, and professional services to customers in the defense, civilian federal agencies, homeland security, intelligence, and commercial sectors. We understand the mission demands innovative approaches, technology and people. With talented professionals deployed worldwide, Crystal Management delivers IT enterprise solutions, systems engineering, and management consulting services for the largest transformation and restationing programs in defense history. Crystal Management is a service disabled veteran owned small business.

Primary Location: Colorado Springs, CO

Working Hours: Day, 7AM - 4PM, Some on call

Position Summary

Provide engineering support and capability to consult/troubleshoot security related matters for enterprise information systems and network architectures, system access problems and implementation of security policies and procedures. Ensure security access and protect against the unauthorized access, modification, or destruction of systems or data. Demonstrate familiarity with a variety of security concepts, practices, and procedures, including the importance of building security requirements and practices into the systems engineering process and the software development lifecycle. A wide degree of security-relevant creativity and latitude is expected. The Information System Security Engineer reports to the Mission Support Manager.


Apply intermediate-level knowledge of information security principles and practices. Manage and maintain the security integrity of all IT systems and network architectures. Ensure systems are securely operated, maintained, and disposed of in accordance with security policies and practices defined by the customer federal government agency and outlined in the security plan. Ensure all system users have the correct authorizations and privileges to perform their jobs, and are aware of their security responsibilities while accessing the system.

Provide training to system users on preferred security practices. Author risk assessments and support certification and accreditation activities. Participate in system reviews, to include custom, COTS and GOTS software and hardware, and in-house software development, and provide recommendations for securing the systems and software.

Other facets of the IT Security Engineer responsibilities include the following:

Provide daily, ongoing security oversight of assigned systems, to include the security impact of proposed modifications, additions, and technology refresh evolutions
Advise users of the security features and procedures used in their ISs
Understand system security vulnerabilities and associated threats, and assess the overall security risks to the system.
Provide mitigation recommendations to reduce identified security risks
Work directly with internal IT staff and customer to establish and enforce IT security best practices, protection objectives, process improvements and effective IT security controls
Perform system vulnerability scanning using approved software tools
Demonstrate understanding of software installations, systems monitoring and troubleshooting, account management, and overall efforts to minimize system downtime
Understand the administration of critical server infrastructure, including stand-alone and virtual servers, Containerization, server backup and recovery, and platforms such as file servers and web servers
Provide support to the administration staff for security-relevant applications, such as IDS/IPS and log manager, and associated accounts. Assist in IT security incident response and documentation. Perform regularly scheduled security reviews e.g., technology, operations and personnel.

Serve as an interface to government compliance and policy teams to ensure the system consistently meets the requirements for certification and accreditation. Participate in designing and managing IT Security strategy including both infrastructure and applications. Assist with security and compliance based projects. Consult with users to determine requirements, and provide security solutions to meet needs. Coordinate projects involving database and security issues and requirements.


Bachelor's degree or equivalent in Computer Science, Information Systems Management, Information Technology or other related discipline with 3 or more years related professional experience.

Minimum Qualifications

Bachelor's Degree inComputer Science, Information Systems Management, Information Technology or other related discipline
3-5 years' Information Security experience as a Security Engineer supportingdevelopment, test and production environments.
Experience implementing and enforcing security directives, policies, publications and regulations
Experience with System Security Plan content and requirements
Experience in IT security certifications CISSP, CompTIA Security +, CPP
Possess clear understandingof security protocols and standards and have experience with software and security architectures.
Ability to design and implement security tests in accordance with stated criteria
Experience with security practices of Intranet and Extranet
Experience with Linux/UNIX and Windows Operating Systems
Experience understanding protocols and standards, such as, SSL/TLS, CIFS, HTTP/S, DHCP, SMTP, LDAP/S and Microsoft DNS
Experience in networking concepts and services, such as, VPNs, IPSec, PKI and TCP/IP
Expertise in accreditation processes, such as Risk Management Framework RMF, with knowledge of NIST 800.53 standards.

Preferred Qualifications

3+ years of experience in IT security field
Familiar with security controls for Federal Information Systems
Ability to integrate and function as a Security professional team member
Ability to work with minimal direction on a variety of, and sometimes ambiguous, requirements
Strong communication skills, both oral and written
Organized, responsive and highly thorough problem solver
Familiar with security controls of Federal Information Systems


Active DoD Secret and DHS suitability

Crystal Management, LLC provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.