Information Systems Security Engineer (ISSE)

About The Position

Requirements

• Previous experience as a n Information Systems Security Engineer (ISSE) or similar role supporting a DoD customer at the C CMD leve l
• Minimum of 12 years’ experience with a BS/BA or 10 years’ experience wi t h an MS/MA o r 7 years’ experience with a PhD. or 16 years' W/o a degree or 14 years' with AS/AA degree
• A current, active DoD security clearance at the TS/SCI level
• US citizenship is
• DoD 8140 role for WRC: 631; Element: CS; Work Role: Information Systems Security Developer; Proficiency Level: Advanced / Ability to obtain

Nice To Haves

• DoD-approved IA baseline certification for ADP-III/IT-III based on the IAT level and CE/Operating System (OS) certificate within six months of the assignment.

Responsibilities

• Provides mid-level management and technical leadership to a team of security administrators.
• Coordinates the RMF authorization efforts for specific C2ISR information systems and networks, ensuring alignment with overall security authorization strategies.
• Manages the development and maintenance of RMF documentation for designated C2ISR systems, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms).
• Oversees security control assessments, ensuring proactive alignment with technological system requirements and operational objectives .
• Facilitates the systematic integration of RMF processes into acquisition and systems engineering lifecycles by managing relevant documentation and evidence.
• Contributes to obtaining IATTs, ATOs, and ATCs by ensuring authorization packages are complete, accurate , and submitted on time.
• Collaborates effectively with ISSOs, ISSEs, system owners, and authorizing officials to interpret RMF requirements and manage authorization timelines.
• Provides RMF implementation insights and guidance to project teams, contributing to continuous infrastructure security validation.
• Operates with appreciable latitude in defining and implementing RMF-related management processes and controls for multiple systems.
• Ensures and champions adherence to established RMF policies, security best practices, and documentation standards for all assigned projects.
• Safeguard sensitive and critical information systems
• Proactively research and mitigate new and evolving technological threats
• Research and stay current on newly released threat prevention strategies from vendors and research orgs (CISA, NIST, MITRE, SANS, ISACA)
• Support and assist official Cyber Operational Readiness Assessment (CORA), IG, and other official audits, inspections, and investigations
• Implement and enforce Supply Chain Risk Management (800-161) with acquisition processes
• Assist with the development and maintenance of program manuals, procedure documents, operational security, and information disclosure reporting guides
• Develop the capability for automatic assimilation of scans, STIGs, and security control matrices with AI and machine learning for analysis, remediation, and cATO capability readiness
• Utilize the following Role Specific Tools: Risk Management Framework (RMF) compliance platforms ( Xacta , eMASS , Archer GRC); security control assessment dashboards (NIST SP 800-53, CNSSI 1253); vulnerability scanning and remediation tools (Elastic Stack, ACAS,, Nessus, Qualys); SIEM platforms (Splunk, ArcSight, Elastic Security) for log aggregation and anomaly detection; Zero Trust architecture enforcement tools; cross domain solution monitoring systems ( Everfox High Speed Guard, Radiant Mercury); encryption and key management systems (Type 1 TACLANE, HAIPE IS); configuration management databases (CMDB) for security artifacts; SOP/QRC libraries for standardized cybersecurity processes; lessons learned repositories for ISSM practices; stakeholder communication dashboards for security posture visibility; compliance audit checklists for DoD cybersecurity standards and Raise the Bar requirements.