ISSE

Seeking a highly skilled Information Systems Security Engineer (ISSE) to support Training DevSecOps pipeline core infrastructure and data center in Suffolk, VA.

This 100% onsite role will be the primary point of contact for Assessment and Authorization (A&A) accreditation efforts 

Clearance: TS/SCI
Certification: IAT Level III (CASP CE, CCNP Security, CISA, CISSP, GCED, or GCIH)

Qualifications:

• Master’s degree in Cybersecurity or a related field OR 10+ years of cybersecurity analysis experience with a strong understanding of relevant laws, policies, and regulations.
• Minimum 5 years of experience with DoD cybersecurity policies, procedures, and directives (Task Orders, Executive Orders, OPORDs, OPSEC, OSINT, etc.).

Key Responsibilities:

• Serve as the primary Subject Matter Expert (SME) for all DoD Risk Management Framework (RMF) Assessment and Authorization (A&A) activities.
• Lead the documentation of security controls within eMASS, aligned with NIST SP 800-53 and CNSSI 1253 security categorization.
• Implement and test security controls, including overlays (privacy, classified, intel, etc.) and tailoring (AI, NOFORN, etc.).
• Collaborate with team leads, system owners, and developers to integrate security throughout the system lifecycle.
• Conduct data reconnaissance (active/passive) and develop comprehensive Plans of Milestones and Actions (POA&Ms) with verifiable mitigation strategies and tracking.
• Develop required A&A documentation (SSP, SAP, SARs, etc.).
• Maintain eMASS tasking within the accreditation cycle (Quarterly IV&V, quarterly STIG checks, Annual Security Review, monthly POA&M updates, ATO/ATC/IATC/IATT resubmissions).
• Manage DISA circuit connections (CCSDs), inheritances from accredited systems/cloud providers, and accreditation workflows.