Information Systems Security Engineer; ISSE Security Clearance

Position: Information Systems Security Engineer (ISSE) with Security Clearance
R
- Description Join the Digital Modernization Sector! We're on the lookout for a dynamic and experienced Information Systems Security Engineer (ISSE) with 12+ years of expertise to help drive IT mission-critical cybersecurity initiatives. In this high-impact role, you'll support Accreditation & Authorization (A&A) efforts across multiple tiers of the customer organization, playing a key role in strengthening security at the Group level and beyond.

If you're ready to lead, collaborate, and make a difference — this is your moment! Candidate MUST:
Be currently located in the United States. Have the ability to obtain a level 4 Public Trust Clearance. This role is primarily remote, with rare onsite requirements. Candidates must be local to the DC Metro area and available to attend in-person meetings in Washington, DC as needed. Responsibilities:
Other skills and responsibilities include, but are not limited to:
* Perform Certification & Accreditation (C&A), System Assessment & Authorization (SA&A) as part of NIST SP 800-37 Risk Management Framework (RMF) system and application accreditation.
* Possess multi-tasking skills, be able to handle multiple A&A systems / projects simultaneously, as well as being a good communicator / facilitator. Comfortable communicating at all levels from developer / engineer to senior contractor / customer staff.
* Knowledge of complex network environments involving shared networks and multiple security enclaves.
* Develops, reviews, evaluates, and verifies security requirements meet or exceed Federal Government security policies and controls within a cloud environments.
* Possess the ability to bridge the technical implementation (i.e. engineering talk) into commonly understood security verbiage.

* Evaluation of the assigned information systems’ security control compliance with the federal requirements and the client’s monitoring strategy.
* Management of emerging and defined risks associated with the administration and use of assigned information systems.
* Coordination with the client’s Cybersecurity team to achieve and maintain the information systems’ compliance and authorization to operate (ATO).
* Ensuring systems are operated, maintained, and disposed of in accordance with policies outlined in the approved security authorization package.
* Performing annual assessments to ensure compliance with the client’s policies and standards.
* Support the Change Control Board (CCB) to ensure configuration management for Cybersecurity-relevant software, hardware, and firmware is maintained and documented.
* Ensuring information system security requirements are addressed during all phases of information systems lifecycle.
* Work within a team environment to provide technically sound guidance order to adhere to the cybersecurity industry’s best practices and the client’s monitoring strategy.
* Analyze collected information to identify vulnerabilities and potential for exploitation and effectively present the results and guidance derived from scans to system owners or other leadership, as required.
* Effectively communicate orally and in writing to track and detail the demands, efforts, and shortcomings in meeting the goals of the client’s information system monitoring strategy.  
* Support the integration/testing, operations, and maintenance of systems security.  
* Develops, updates, and maintains internal Standard Operating Procedures for all internal assigned functions.  
* Document the various security control implementations as well as gather the artifacts that support the Risk Management Framework (RMF) and ICD 503 Security Accreditation for the various Assessment and Authorization (A&A) efforts.
* Document and obtain a general understanding of the architecture being developed or that was developed for each project in order to write the Systems Security Plans (SSP) / CONOPS.
* Gather the information by working with various systems owners, project managers, and engineering team members in order to write various additional A&A related documents such as Contingency Plan (CP), General User Guide (GUG), Privileged User Guide (PUG), Standard Operating Procedures (SOP’s),…