Information System Security Engineer (ISSE) - Security Clearance Required

Envisioneering, Inc. is seeking an Information Systems Security Engineer (ISSE) . This position will be responsible for the following :

Summary ISSE Responsibilities :

• Oversee the development and maintenance of a system’s cybersecurity solutions.
• Identify AO and SCA cognizance (i.e. FAO or NAO, and FSCA or SCA) of the system as well as any specific authorization requirements such as reciprocity, cross domain, and applicable overlays to support System Categorization.
• Identify mission criticality.
• Identify and tailor the security control baseline with applicable overlays.
• Assist with development, maintenance, and tracking of the SP.
• Lead the security control implementation and testing efforts.
• Perform vulnerability-level risk assessment on the POA&M / RISK Assessment Worksheet.
• Assist with any security testing required as part of A&A or annual reviews.
• Assist in the mitigation and closure of open vulnerabilities under the system’s change control process.
• Oversee cybersecurity testing to assess security controls and recording security control compliance status during the continuous monitoring phase of the lifecycle.
• Make data entries into the eMASS record and POA&M consistent with implementation results.
• Utilize the Collaboration Board in the eMASS workflow for all formal coordination during the RMF process. Detailed findings will be posted in the Artifacts tab (if necessary).
• Rework shall be documented and provided to the PSO / PMO for review.

Assist the ISSM / ISSO with the following responsibilities :

• Lead the RMF process for assigned programs, organizations, systems, or enclaves.
• Maintain and report system’s A&A status and events.
• Manage the SP for assigned systems throughout their lifecycle.
• Perform annual security reviews, annual testing of security controls, and annual testing of the contingency plan, in line with FISMA requirements.
• Manage POA&M entries and ensuring vulnerabilities are properly tracked, mitigated, and resolved.
• Assist with identification of the security control baseline set and any applicable overlays.
• Supervise the validation of security controls with the PM / ISO, SCA Liaison, PSO, and AO CSA.
• Assemble the Security Authorization Package and submit for adjudication.
• Register and maintain the system in eMASS.
• Assess the quality of security control implementation against all requirements in accordance with the approved SLCM strategy.
• Plan and perform cybersecurity testing to assess security controls and recording security control compliance status during sustainment.
• Report changes in the security posture of systems to the AO.
• Utilize the Collaboration Board in eMASS workflow for all formal coordination during the RMF process. Detailed findings will be posted in the Artifacts tab (if necessary).
• Assist the ISSMs in executing their duties and responsibilities.
• Ensure compliance with all USN, DON, and DoD cybersecurity policies.
• Ensure all users possess the requisite security clearances and awareness of their responsibilities for systems under their purview prior to being granted access.
• Ensure an incident response, business continuity, disaster recovery, as well as vulnerability and threat reporting plans and channels are in place and that team members are trained accordingly.
• Ensure relevant policy and procedural documentation is current and accessible to properly authorized individuals.
• Utilize the Collaboration Board in the eMASS workflow for all formal coordination during the RMF process. Detailed findings will be posted in the Artifacts tab (if necessary).

MINIMUM SKILLS / QUALIFICATIONS :

• Must have and maintain a DoD Top Secret Clearance.
• CompTIA Security+ or other DOD 8570.01 IAT Level 2 or 3 certification.
• 6-10 years of system administration and / or cybersecurity experience.
• Working knowledge of system administration fundamentals which may include, but is not limited to, administration of desktop / workstations, dedicated and virtual servers, Microsoft Active Directory.
• Self-motivated and the ability to multi-task and balance multiple goals and priorities.
• Must be familiar with DoD Risk Management Framework (RMF) policies, standards, procedures and have relevant experience with associated tools (e.

g., eMASS, XACTA 360, Assured Compliance Assessment Solution (ACAS), Anchore, DISA Security Technical Implementation Guides (STIGs), SCAP Compliance Checker (SCC), STIG Viewer, eMASSter, Eval STIG).

PHYSICAL DEMANDS :

Sedentary / 10 lbs. maximum. Occasional life / carry of small articles. Some occasional walking or standing may be required.

EDUCATION :

• High School diploma or GED equivalent.
• Security+ or other DOD 8570.01 IAT Level 2 or 3 certification.

SALARY RANGE : $130,000.00 - $160,000.00

BENEFITS : Envisioneering, Inc. offers a stable work environment, a competitive salary, and a comprehensive benefits package including 401k, Medical / Dental / Vision, FSA, Short Term, Long Term, AD&D and Life insurance, (employer paid), voluntary life, Tuition Reimbursement, Paid Leave, Holidays and much more.

AS A CONDITION OF EMPLOYMENT : You must pass a drug and pre-employment drug screening. U.S. Citizenship Required. Candidate must follow all company and non-DOT Drug and Alcohol Testing.

A Department of Defense (DoD) Top Secret security clearance is required at time of hire. Applicants selected will be subject to a U.

S. Government security investigation and must meet eligibility requirements for access to classified information. Due to the nature of work performed within our facilities, U.

S. citizenship is required. Please confirm in your cover letter or resume.

IT-SECURITY