Cybersecurity Engineer / ISSE (Active Secret Clearance)

About The Position

Requirements

• Active DoD Secret clearance.
• Minimum 3 years of hands-on cybersecurity experience implementing, upgrading and monitoring security measures for the protection of computer networks and information.
• Demonstrated experience performing vulnerability scanning and compliance assessments using tools such as ACAS and/or Evaluate-STIG.
• Experience supporting RMF / A&A processes, including development, maintenance, or review of cybersecurity documentation and artifacts.
• Experience identifying, assessing, and documenting cybersecurity risks and mitigation strategies.
• Ability to work independently as the sole on-site cybersecurity resource, managing workload, priorities, and task execution with minimal supervision.
• Strong attention to detail and ability to produce accurate, first-pass cybersecurity deliverables.
• CompTIA Security+ (or equivalent DoD 8140-compliant certification).
• Bachelor’s degree in Information Technology, Computer Science, Computer Engineering, or related field. (Additional relevant experience may be considered in lieu of degree.)

Nice To Haves

• Experience supporting NAVAIR, Navy, or DoD RDT&E environments.
• Hands-on experience with ACAS scan configuration, execution, validation, and reporting.
• Hands-on experience using Evaluate-STIG for STIG assessments, compliance tracking, and remediation support.
• Experience working with eMASSTER, Xacta, or similar RMF tools.
• Experience supporting systems across classified and unclassified networks.
• Familiarity with STIG implementation, POA&M development, and vulnerability remediation tracking.
• Experience supporting cybersecurity efforts during system acquisition, testing, and A&A phases.
• Additional cybersecurity certifications (e.g., CySA+, CASP+, CISSP, CEH).
• Demonstrated ability to operate autonomously while maintaining effective communication with remote teams and government stakeholders.

Responsibilities

• Plan, implement, monitor, and maintain cybersecurity controls to protect computer networks, systems, and information across classified and unclassified environments.
• Perform vulnerability scanning and assessment activities using tools such as ACAS and Evaluate-STIG, ensuring accurate configuration, execution, validation, and reporting of results.
• May support systems undergoing the acquisition lifecycle by assessing cybersecurity risks, identifying vulnerabilities, and recommending mitigation strategies in accordance with RMF and NAVAIR guidance.
• May execute cybersecurity testing and validation activities for systems undergoing Assess and Authorize (A&A).
• Develop, review, and maintain RMF artifacts and supporting documentation to ensure compliance with DoD and NAVAIR cybersecurity requirements.
• Assess risks to IT assets using available threat and vulnerability intelligence and provide clear, actionable risk recommendations.
• Provide technical expertise to identify security-related issues affecting current and planned systems, networks, and architectures within the NAVAIR enterprise and RDT&E environments.
• Respond to and assist with the investigation of cybersecurity incidents, vulnerabilities, and malware events as required.
• Serve as the primary and sole on-site cybersecurity resource, independently managing assigned tasks, priorities, and deliverables while coordinating with off-site team members and government stakeholders.
• Ensure cybersecurity deliverables are accurate, current, and usable on first submission, requiring minimal rework.
• Maintain awareness of emerging cybersecurity threats, tools, and best practices, and provide documented recommendations when appropriate.
• Maintain required training, certifications, and technical proficiency to adapt to evolving cyber threat landscapes and mission needs.