Information System Security Engineer (ISSE) III

Kinaras Solutions•Philadelphia, PA

46d•Onsite

About The Position

The Information System Security Engineer (ISSE) III will serve as a senior cybersecurity engineering professional in direct support of the Naval Surface Warfare Center Philadelphia Division (NSWCPD), as part of the Information Technology Operations Division. This position is responsible for providing comprehensive cybersecurity engineering and Risk Management Framework (RMF) services across complex Navy and DoD information systems and networks.

Requirements

Education: Bachelor’s degree in Computer Science, Information Technology, STEM, or a closely related technical field. (Relevant experience may substitute for education requirements per contract terms.)
Experience: Minimum of 7 years’ experience in information system security, cybersecurity engineering, or IA roles, including demonstrated experience with systems of similar complexity and sensitivity as those described in the SOW.
Certification: Must possess and maintain a DOD 8570.01-M IAT Level III baseline certification (e.g., CISSP, CASP+ CE, CCNP Security, CISA, GCED, or GCIH).
Clearance: Must have an active secret security clearance
Knowledge & Skills: Proven experience implementing the DoD Risk Management Framework (RMF) for IT systems, including RMF Step 1–6 activities, eMASS, and supporting A&A.
Detailed understanding of NIST, DoD, DoN, and NAVSEA cybersecurity policies, security controls, and audit requirements.
Strong technical expertise in vulnerability assessment, configuration/patch management, compliance testing, continuous monitoring, and cybersecurity documentation.
Proficiency with security management tools, vulnerability scanning platforms (e.g., ACAS, Nessus), and familiarity with cloud, virtualization, and modern network architectures.
Exceptional written and verbal communication skills, including the ability to develop technical documents and briefings for diverse audiences.
U.S. citizenship required.

Nice To Haves

Advanced degree in a relevant discipline.
Prior experience supporting Navy/DoD agencies or shipboard system cybersecurity.
Familiarity with eCRAFT, WAWF, and other DoD reporting/management tools.
Experience leading teams through system ATO processes and CDRL deliverable preparation.

Responsibilities

Lead and perform security engineering and integration activities for Navy IT.
Develop, document, and maintain RMF artifacts such as System Security Plans (SSPs), Security Assessment Reports, Plans of Action and Milestones (POA&Ms), and hardware/software inventories.
Conduct security categorization, security controls selection and implementation, vulnerability and risk assessments.
Plan and execute security testing, continuous monitoring, configuration management, and audit readiness for assigned systems.
Apply and validate Security Technical Implementation Guides (STIGs), Security Requirements Guides (SRGs), and other relevant DoD/Navy cybersecurity compliance standards.
Identify, document, and mitigate cybersecurity vulnerabilities.
Lead vulnerability scanning, analysis, remediation, and compliance activities.
Coordinate and support Assessment and Authorization (A&A) efforts, including obtaining and sustaining Authorizations to Operate (ATO), Interim Authorizations to Test (IATT), and support for POA&Ms.
Develop and update IA and cybersecurity policy and procedure documentation.
Participate in the creation of program plans, quality assurance processes, and technical reports.
Advise and collaborate with cross-functional project teams and government stakeholders to implement secure solutions and resolve RMF, audit, and operational security issues.
Provide technical mentorship and guidance to junior ISSEs and supporting personnel.
Ensure that all security engineering activities and deliverables support CDRL/reporting and DoD accountability requirements.
Remain current with changes in DoD, DoN, and NAVSEA cybersecurity/IA regulations, policies, and technology.