Maintain responsibility for all Information Systems Security Engineer (ISSE) duties in support of Department of Defense (DoD) Risk Management Framework (RMF) and Intelligence Community Directive (ICD) 503. Leverage knowledge of National Institute of Standards and Technology (NIST) Special Publication 800-53 security controls and the Committee on National Security Systems Instruction 1253. Apply systems security engineering or architecture principles in support of the DoD RMF such as the specification, design, development, implementation, and modification of information system components. Select, tailor, and implement NIST SP 800-53 security controls in support of RMF Assessment and Authorization (A&A) requirements. Develop layered protections and establish cybersecurity Standard Operating Procedures (SOPs) or guidelines in support of security engineering practices for the organization's authorization boundary. Understand and apply system development lifecycle principles, including Agile or Waterfall, and perform duties such as delineating physical and logical security boundaries, ensuring that software developers are trained on how to build secure software, running security vulnerability scans, specifically with the DoD's Assured Compliance and Assessment Solution (ACAS) while generating and interpreting vulnerability scans, implementing Security Technical Implementation Guidelines (STIGs) and CIS Benchmarks, and other duties associated with RMF Continuous Monitoring, including remediating or mitigating findings and vulnerabilities on system POA&Ms.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Career Level
Senior
Industry
Professional, Scientific, and Technical Services
Education Level
Bachelor's degree
Number of Employees
5,001-10,000 employees