ISSE SME

About The Position

Requirements

• 12+ years overall experience (or a Bachelor's + 10 years) in cybersecurity engineering, RMF, and information assurance.
• Must have an active Secret Clearance.
• Expert knowledge of DoD RMF, NIST SP 800-series, FISMA, and Zero Trust.
• Demonstrated experience with Cloud/Virtualization (GovCloud), DevSecOps/ICAM, Network Security, and Continuous Monitoring tools.
• Required: CCISO, CISM, CISSP (or Associate), or GSLC.
• Strong communication; ability to translate technical configs to compliance documentation.

Responsibilities

• Manage the Risk Management Framework (RMF) lifecycle (categorization, assessment, ATO) and develop key documentation (SSPs, SARs, POA&Ms).
• Collaborate with engineering teams (cloud, DevSecOps, infrastructure) to embed security controls in virtualized and containerized environments, ensuring alignment with Zero Trust and ICAM principles.
• Support continuous monitoring, vulnerability mitigation, and compliance for various baselines, including FedRAMP and DoD Cloud standards.
• Facilitate necessary approvals (BCAP/SNAP) and coordinate with ISSOs, AOs, and system owners to maintain Authority to Operate (ATO).
• Manage the ISSE team, translating security needs into appropriate FISMA boundaries.