A System Security Engineer (SSE) is the individual responsible for ensuring an acquisition program adheres to system security standards that is appointed by the Program Manager (PM) thru System Security Engineering. They design, evaluate and test systems security to ensure data and system integrity for an organization and/or system. Responsibilities include designing and monitoring of computer security systems, organizational users and visitors. This requires testing, updating, modifying, encryption and authentication.

Topics that the SSE need to understand and address are:

  • Information Assurance: Measures that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation (DoD 8500.01E: Information Assurance)
  • Cyber Security: Measures taken to protect a computer, networks, or information on a computer system (as on the internet) and electronic information storage facilities belonging to, or operated by or for, the DoD or US Government, against unauthorized access, or attack, or attempts to access
  • System Assurance: The justified confidence that the system functions as intended and is free of exploitable vulnerabilities, either intentionally or unintentionally designed or inserted as part of the system at any time during the life cycle (NDIA Engineering for System Assurance Guidebook)
  • System Security Engineering: An element of system engineering that applies scientific and engineering principles to identify security vulnerabilities and minimize or contain risks associated with these vulnerabilities

AcqLinks and References:

Updated: 6/11/2018

Print Friendly, PDF & Email