Information System Security Engineer, Senior

Information System Security Engineer, Senior Key Role: Maintain responsibility for all Information Systems Security Engineer ( ISSE ) duties in support of Department of Defense ( DoD ) Risk Management Framework ( RMF ) and Intelligence Community Directive ( ICD ) 503. Leverage knowledge of National Institute of Standards and Technology ( NIST ) Spe cia l Publication 800-53 security controls and the Committee on National Security Systems Instruction 1253. Apply systems security engineering or architecture principles in support of the DoD RMF such as the specification, design, development, implementation, and modification of information system components. Select, tailor, and implement NIST SP 800-53 security controls in support of RMF Assessment and Authorization ( A & A ) requirements. Develop layered protections and establish cybersecurity Standard Operating Procedures ( SOPs ) or guidelines in support of security engineering practices for the organization’s authorization boundary. Understand and apply system development lifecycle principles, including Agile or Waterfall, and perform duties such as delineating physical and logical security boun dari es, ensuring that sof tware developers are trained on how to build secure sof tware, running security vulnerability scans, specifically with the DoD’s Assured Compliance and Assessment Solution ( ACAS ) while generating and interpreting vulnerability scans, implementing Security Technical Implementation Guidelines ( STIGs ) and CIS Benchmarks, and other duties asso cia ted with RMF Continuous Monitoring, including remediating or mitigating findings and vulnerabilities on system POA & Ms.