Software Systems Engineer III

About The Position

Requirements

• Must be a U.S. Citizen with the ability to obtain and maintain a DoD Secret security clearance; active Secret clearance preferred.
• Bachelor’s degree in Cybersecurity, Computer Science, Systems Engineering, Information Technology, or related technical field; equivalent experience may be considered in lieu of a degree.
• 3–8 years of experience supporting RMF, cybersecurity engineering, information assurance, or systems security engineering activities within DoD environments.
• Experience executing the full RMF lifecycle in accordance with NIST SP 800-37 for DoD or Navy information systems.
• Strong knowledge of NIST SP 800-53 Rev 4 and/or Rev 5 security controls and control assessment methodologies.
• Experience developing RMF artifacts including SSPs, SAPs, SARs, RARs, and POA&Ms.
• Proficiency with ACAS/Nessus, SCAP Compliance Checker, STIG Viewer, and vulnerability management processes.
• Familiarity with system architectures, authorization boundaries, network diagrams, and secure systems engineering concepts.
• Ability to communicate technical security findings and risk determinations to technical and non-technical stakeholders.
• Experience supporting multiple concurrent authorization efforts in Agile or fast-paced engineering environments.

Nice To Haves

• Experience supporting Navy RMF implementations, NAVSEA processes, or Navy-specific authorization workflows.
• Proficiency with eMASS and VRAM.
• Experience supporting DoD cloud authorization efforts including IL4–IL6 or FedRAMP environments.
• Familiarity with Kubernetes, OpenShift, container security, or DevSecOps CI/CD pipelines.
• Relevant certifications such as Security+, CISSP, CAP, CISM, or AWS Security certifications.
• Experience supporting SCA evaluations or serving as an ISSE or ISSM.
• Strong organizational skills with the ability to independently manage multiple priorities and concurrent efforts.
• Effective collaboration, analytical thinking, and problem-solving skills.

Responsibilities

• Lead multiple Navy information systems through the full RMF lifecycle.
• Develop, submit and maintain complete authorization packages including SSPs, SAPs, SARs, RARs, POA&Ms, architectural diagrams, and hardware/software inventories.
• Assess and validate NIST SP 800-53 security controls and develop defensible control implementation narratives to support SCA and AO reviews.
• Implement and validate STIG compliance across operating systems, databases, applications, and network components.
• Conduct vulnerability scanning and analysis using ACAS/Nessus, SCAP Compliance Checker, and related cybersecurity assessment tools.
• Manage POA&M activities including risk characterization, remediation tracking, milestone management, and evidence validation through closure.
• Collaborate with system owners, ISSMs, ISSOs, SCAs, AOs, developers, and engineers to support authorization decisions and continuous monitoring activities.
• Develop and maintain authorization boundary diagrams, system architectures, data flow mappings, and security documentation.
• Support change impact analysis, ongoing authorization activities, and continuous monitoring strategies across multiple systems.
• Integrate cybersecurity and assessment activities into Agile development and DevSecOps workflows where applicable.

Benefits

• sign-on bonus
• healthcare benefits (medical, dental, and vision)
• Flexible Spending Accounts
• Life Insurance
• 401(k) plan with matching company contributions
• paid time off
• holidays
• tuition and training reimbursement