Amentum - posted 3 months ago
$210,000 - $220,000/Yr
Mid Level
Elkridge, MD
Professional, Scientific, and Technical Services

Amentum is seeking an Information System Security Engineer (ISSE) to join our team of passionate individuals in Elkridge, MD. In this role you will support challenging, mission-critical projects that make a direct impact on the Nation's security and intelligence mission. As a Cyber Systems Engineer/Information System Security Engineer (ISSE) at Amentum, you will play a vital role in safeguarding national security by protecting the integrity, confidentiality, and availability of government-affiliated information systems. Your expertise will directly support critical defense and intelligence missions, ensuring that cybersecurity risks are identified, mitigated, and continuously monitored in alignment with stringent DoD and DIA standards. By serving as the primary security advisor for assigned systems, your work will not only ensure operational compliance but will also contribute to the resilience and trustworthiness of mission-critical infrastructure relied upon by U.S. government agencies. Through close collaboration with engineers, system administrators, government clients, and security assessors, you will help design and maintain secure environments where innovation and mission success are achieved without compromising cybersecurity. Your contributions will have a lasting impact, enabling rapid threat response, reduced risk exposure, and the sustained protection of sensitive data and digital assets vital to national defense and intelligence operations.

  • Lead Security Authorization Efforts: Oversee and coordinate the Assessment & Authorization (A&A) processes in alignment with Risk Management Framework (RMF) and Intelligence Community Directives (ICD).
  • Develop and Maintain Security Documentation: Prepare and maintain essential security documentation such as System Security Plans (SSPs), Concept of Operations (CONOPS), Contingency Plans (CP), General User Guides (GUG), Privileged User Guides (PUG), and Standard Operating Procedures (SOPs).
  • Collect and Analyze Security Artifacts: Coordinate with program managers, system owners, and engineering teams to collect Bodies of Evidence (BoEs) and artifacts necessary for A&A.
  • Coordinate Authorization Milestones: Facilitate and track progress through customer A&A processes to achieve key security milestones such as Authority to Develop (ATD), Interim Authority to Test (IATT), and Authority to Operate (ATO).
  • Support Security Compliance and Audit Activities: Act as a liaison during audits and compliance assessments, supporting continuous monitoring and promoting adherence to RMF, DIA policy, IC guidance, and applicable federal laws.
  • Evaluate and Respond to Emerging Threats: Review and revise control volatility sections of security plans in response to evolving threats, policy changes, and updated federal or agency guidance.
  • Deliver Recommendations and Process Improvements: Generate actionable recommendations to enhance the security program.
  • Technical Content Review: Perform detailed technical and editorial reviews of A&A documentation, ensuring clarity, accuracy, and compliance with relevant standards and frameworks.
  • Certification Maintenance: Maintain compliance with DoD 8570.01-M requirements for the IASAE Level II role.
  • In-depth understanding of the Risk Management Framework (RMF) lifecycle and Intelligence Community Directives (ICDs), particularly ICD 503.
  • Ability to lead and coordinate all phases of the A&A process, from system categorization to authorization and continuous monitoring.
  • Demonstrated experience engaging with Group-level ISSMs, SCAs, and other key stakeholders to facilitate timely and thorough security reviews.
  • Proficiency in interpreting security requirements and guiding implementation across complex system architectures.
  • Experience coordinating with PMs, system owners, and engineering teams to gather required Bodies of Evidence (BoEs).
  • Strong analytical skills to assess artifacts and ensure alignment with RMF controls and A&A package requirements.
  • Ability to track and document Plan of Action and Milestones (POA&Ms), and work with stakeholders to ensure timely mitigation and evidence collection.
  • Understanding of key cybersecurity milestones including: Authority to Develop (ATD), Interim Authority to Test (IATT), Authority to Operate (ATO).
  • Proven ability to track project status, escalate delays, and maintain open communication with both technical teams and leadership.
  • Experience navigating customer-specific A&A processes, tools, and review boards.
  • Experience supporting internal and external audits, including liaising with auditors and preparing for compliance assessments.
  • Familiarity with Information Security Continuous Monitoring (ISCM) strategies and implementation.
  • Understanding of agency-specific compliance standards including DIA policies, DoD directives, and federal cybersecurity laws.
  • Ability to support and update Organizational Assessment (OA) Strategy Plans annually or as required.
  • Ability to perform threat modeling and incorporate emerging threats into the security control strategy.
  • Knowledge of High Value Asset (HVA) protection requirements and protocols for systems classified as Top Secret, SCI, and Secret.
  • Experience with dynamic updates to the control volatility section of SSPs in response to policy changes, new threat intelligence, updated guidance from DIA, IC, NIST, etc.
  • Experience conducting gap analyses, risk assessments, and security posture evaluations.
  • Ability to recommend policy, process, or technical improvements based on A&A findings, lessons learned, and audit outcomes.
  • Demonstrated ability to document findings and present them in a clear, actionable format to stakeholders.
  • Strong writing and technical editing skills to review A&A documentation for compliance with standards, technical accuracy, readability, and consistency.
  • Familiarity with collaborative review processes and version control tools (e.g., SharePoint, Confluence, Git, etc.).
  • Must hold and maintain a DoD 8570.01-M IASAE Level II certification, such as: CISSP-ISSAP, CISSP-ISSEP, CASP+ CE (if accepted by employer).
  • Experience supporting DIA or Intelligence Community customers.
  • Familiarity with eMASS, Xacta, or similar compliance management platforms.
  • Experience with classified system environments (e.g., SIPR, JWICS).
  • Working knowledge of Linux and Windows secure system configuration.
  • Experience interacting with Government Authorizing Officials (AOs) and Security Control Assessors (SCAs).
  • Medical, dental, vision, and basic life insurance.
  • 401k plan, deferred compensation plan, and Executive Deferral Plan.
  • 17 days of vacation per year, seven paid holidays, plus floating holidays and caregiver leave.
  • Opportunity to purchase company stock and receive a performance discretionary bonus.