Information Systems Security Engineer (ISSE)

Booz Allen Hamilton•Usa, MD

1d•Remote

About The Position

The Information Systems Security Engineer (ISSE) will apply expertise in cybersecurity, risk management, and secure system design to strengthen national defense and protect mission-critical AI-enabled capabilities. The role involves identifying security controls, assessment tools, and authorization strategies for securely integrating emerging technologies into operational, research, and enterprise environments. The ISSE will guide and mentor professionals in analyzing cybersecurity challenges, conducting security assessments, and remediating vulnerabilities. Key responsibilities include leading the creation and maintenance of RMF authorization packages, managing ATO processes, and overseeing the development of cybersecurity artifacts. The role requires leveraging tools like ACAS, SCAP, and eMASS to evaluate system risks, ensure compliance with STIGs and IAVM directives, and coordinate vulnerability remediation. The ISSE will embed cybersecurity best practices into AI development pipelines and integrate security throughout the system lifecycle, contributing to the secure deployment of advanced capabilities. This position offers hands-on problem solving, collaboration with DevOps, Cloud Architects, and AI/ML Engineers, and continuous learning opportunities.

Requirements

Experience with the Risk Management Framework (RMF), including creation and maintenance of authorization packages, ATOs, and re-authorizations.
Experience conducting security assessments, vulnerability remediation, and continuous monitoring in alignment with RMF.
Experience with compliance scanning and VM tools, especially ACAS and SCAP.
Experience implementing cybersecurity directives such as IAVM directives, CPUs, and STIGs.
Experience updating and maintaining eMASS, including scan results, documentation, and evidence packages.
Knowledge of system lifecycle management and procurement cybersecurity requirements.
Ability to prepare and maintain cybersecurity documentation, including SSPs, SARs, and POA&Ms.
Ability to analyze system architectures, hardware, and software designs to identify and mitigate security risks.
TS/SCI clearance with a polygraph.
HS diploma or GED.

Nice To Haves

Experience securing AI-enabled or ML-driven systems.
Experience with cloud and hybrid architectures, especially when securing AI workloads.
Experience with DevSecOps tooling, CI/CD security integration, and automated compliance workflows.
Experience working with cross-functional AI/ML development teams.
Experience in secure software development or secure architecture design reviews.
Experience with cybersecurity automation scripting such as Python, PowerShell, or Ansible.
Knowledge of DoD-specific cybersecurity governance frameworks, mission workflows, and operational environments including USCYBERCOM or DoW environments.
Bachelor’s degree.

Responsibilities

Identify security controls, assessment tools, and authorization strategies for emerging technologies.
Guide and mentor professionals in analyzing cybersecurity challenges, conducting security assessments, and remediating vulnerabilities.
Lead the creation and maintenance of RMF authorization packages.
Manage ATO processes.
Oversee the development of key cybersecurity artifacts, such as system security plans and POA&Ms.
Evaluate system risks using tools like ACAS, SCAP, and eMASS.
Ensure compliance with STIGs and IAVM directives.
Coordinate vulnerability remediation efforts across project teams.
Embed cybersecurity best practices into AI development pipelines.
Integrate security throughout the system lifecycle.
Shape resilient, innovative security solutions.