ISSE

About The Position

Requirements

• 7+ years of practical experience in Cybersecurity Engineering, Assessment & Authorization (A&A), and RMF package development.
• Direct, expert working knowledge of the RMF process and specific experience implementing NIST SP 800-53 Rev 5 control sets.
• Proficiency with cybersecurity assessment tools, specifically DISA eMASS and ACAS (Tenable Nessus).
• Understanding of cybersecurity risks associated with Windows Active Directory, Citrix virtualization environments, and IoT/OT physical security equipment (cameras/DVRs).
• Must be a U.S. Citizen possessing an active DoD Secret security clearance.
• Bachelor’s degree in technical discipline or equivalent practical experience.

Responsibilities

• Lead the development, analysis, and submission of the Authority to Operate (ATO) package via Navy eMASS in accordance with the Risk Management Framework (RMF).
• Select, tailor, and validate system security controls specifically mapping to the updated NIST SP 800-53 Rev 5 framework.
• Utilize Assured Compliance Assessment Solution (ACAS) and DISA STIG Viewer to scan and evaluate the security posture of Windows domain controllers, Citrix servers, and camera systems.
• Perform cyber-engineering analysis on End-of-Life (EOL) software components, recommending compensating controls or remediation pathways to the technical lead.
• Advise the systems engineering team on how proposed software updates and configuration changes will affect system accreditation and compliance.
• Develop and maintain critical cybersecurity artifacts, including the System Security Plan (SSP), Risk Assessment Report (RAR), and Plan of Action and Milestones (POA&M).

Benefits

• Medical benefits
• Dental benefits
• Educational reimbursement
• 401K plans with matching
• 15 days of PTO to start
• 11 paid holidays per year