Description

Position Overview

The Information Systems Security Engineer (ISSE) supports the design, development, integration, and sustainment of secure information systems across classified environments. The ISSE ensures cybersecurity requirements are properly defined, implemented, assessed, and maintained throughout the system lifecycle in compliance with DoD, IC, and NIST security frameworks. This position works closely with system engineers, developers, ISSOs, and mission stakeholders to ensure end-to-end protection of mission-critical systems.

Key Responsibilities

• Apply security engineering principles to define, document, and maintain cybersecurity requirements across system architectures, designs, and implementations.

• Develop and maintain security documentation including SSPs, CONOPs, SCTMs, and architecture diagrams in alignment with RMF, JSIG, ICD 503, and NIST SP 800-53.

• Conduct security impact analyses, risk assessments, and vulnerability reviews to ensure systems meet protection and compliance requirements.

• Support the development, testing, and evaluation of security controls; recommend mitigations and configuration changes to reduce system risk exposure.

• Work with system engineers and developers to integrate security mechanisms into system designs, including authentication, access control, encryption, auditing, and boundary protection.

• Participate in design reviews, technical interchange meetings, and engineering working groups to ensure cybersecurity is incorporated from concept through deployment.

• Provide expertise during system accreditation activities, including evidence collection, artifacts development, and coordination with Authorizing Officials (AOs) and Security Control Assessors (SCAs).

• Monitor and validate continuous monitoring activities, POA&M updates, and system change control to maintain ongoing authorization.

• Analyze emerging threats, vulnerabilities, and operational risks; recommend proactive security enhancements.

• Ensure compliance with DoD, Intelligence Community, and program-specific cybersecurity directives, standards, and governing policies.

Required Qualifications

• Active TS/SCI security clearance

• 5+ years of professional experience in cybersecurity, information assurance, or systems engineering

• Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, Engineering, or related technical discipline

• Hands-on experience implementing and assessing security controls (NIST SP 800-53, ICD 503, JSIG, RMF)

• Proficiency with security engineering concepts including encryption, network security, access control, secure architecture, and vulnerability management

• Working knowledge of system development lifecycle (SDLC) and configuration management processes

• Ability to develop, review, and maintain security documentation and technical artifacts

• Strong understanding of threat models, defensive security technologies, and risk mitigation strategies

• Excellent communication skills with ability to collaborate across technical and non-technical teams

Preferred Qualifications

• CISSP, CASP+, CEH, CCSP, or DoD 8570.01-M IAM/IASAE certifications

• Experience with virtualization, cloud security, or containerized environments

• Familiarity with DevSecOps toolchains and automated security testing

• Experience supporting system accreditation efforts within DoD or IC environments

PI280013898