Information Systems Security Engineer

About The Position

Requirements

• Active Top Secret/SCI clearance
• 5+ years of cybersecurity experience supporting DoD and/or Intelligence Community (IC) environments
• Experience implementing and supporting the Risk Management Framework (RMF) for mission-critical systems
• Proven ability to implement IT security controls to ensure confidentiality, integrity, and availability of systems and data
• Strong experience in vulnerability management, including POA&M development, tracking, and remediation coordination
• Experience managing Security Control Traceability Matrices (SCTMs) and working with Authorizing Officials (AOs) and Security Control Assessors (SCAs)
• Demonstrated experience supporting Assessment & Authorization (A&A) processes, including development of ATO and IATT packages
• Experience developing and executing security testing and validation procedures
• Experience authoring and maintaining System Security Plans (SSPs) and related cybersecurity documentation
• Strong analytical and systems engineering skills, with the ability to assess architectures and recommend security improvements
• Ability to effectively communicate cybersecurity concepts, including developing documentation and delivering technical briefings to stakeholders
• Strong organizational and multitasking skills, with the ability to manage multiple priorities in a dynamic environment
• Ability to work independently and collaboratively within cross-functional and distributed teams
• Commitment to maintaining DoD cybersecurity certifications and staying current with evolving security requirements
• BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution
• One or more of the following Security+, CISSO, CISSP, CISSP-ISSMP, or equivalent military training/certification

Nice To Haves

• One or more of the following : CCSP, CGRC/CAP, CASP+, Cloud+, SSCP, GSEC, CISM, CISSO, CISSP, CISSP-ISSMP, GCIA, GCSA, GSLC, CGIH, or FITSP-M—or equivalent military training/certification

Responsibilities

• Perform risk identification and assessment activities in support of system and enclave change management processes
• Develop and oversee information system security policies, procedures, and implementation guidelines
• Support and ensure availability of resources for Cyber Security Service Provider (CSSP) functions, including vulnerability assessments, remediation, and endpoint protection
• Conduct and coordinate security testing and evaluations using intrusion detection, monitoring, and assessment tools to validate system security posture
• Identify, document, and track security vulnerabilities within POA&Ms, SARs, and RARs, ensuring proper reporting and escalation of critical issues to the Authorizing Official (AO)/Designated Approving Official (DAO)
• Support continuous monitoring activities and ensure systems maintain compliance with RMF security controls
• Develop and execute security test plans and procedures to validate system compliance and performance requirements
• Support Assessment and Authorization (A&A) activities, including development and maintenance of ATO and IATT packages
• Author and maintain System Security Plans (SSPs) and other required cybersecurity documentation
• Coordinate with stakeholders, including AOs, SCAs, and configuration management authorities, to support system security and accreditation efforts

Benefits

• Medical, dental, vision, disability, and life insurance
• Flexible Spending Accounts
• 401(k)
• PTO
• Paid Paternal leave
• Tuition reimbursement
• Paid federal holidays