Information System Security Engineer (ISSE)
Washington, DC

Job Summary:
IT Veterans is seeking a highly motivated Information System Security Engineer to join our team in Washington, DC (Washington Navy Yard). Candidates must possess an active Secret clearance.

Responsibilities:

• Support NAVFAC Washington ISSM / CIO with RMF package development as the technical ISSE, in accordance with NAVFAC RMF guidance, to achieve Authorization to Operate (ATO).

• Assemble all required documentation as outlined by the ISSM and CNIC/NAVFAC for RMF packages.

• Assess and implement security controls, Security Technical Implementation Guides (STIGs), and Assured Compliance Assessment Solution (ACAS) scans in compliance with governing policies for servers, networking equipment, workstations, etc.

• Assist system administrators with the implementation and application of all applicable STIGs, industry best security and design practices, and Information Assurance Vulnerability Alert (IAVA) security requirements.

• Process and maintain compliance, verify completion of Nessus, STIG, and SCAP files; report any open findings or vulnerabilities to the program; propose and implement mitigations as required; and construct necessary POA&Ms when needed.

• Maintain compliance in Vulnerability Remediation Asset Manager (VRAM) and DoD Information Technology Portfolio Repository-Navy (DITPR-DON) / DON Application and Database Management System (DADMS).

• Understand NIST standards, Committee for National Security Systems (CNSS) guidelines, DoD/DON Communications Task Orders (CTOs, TASKORDS), and Information Assurance Vulnerability Management (IAVMs).

• Create system authorization boundary diagrams and data flow diagrams, ensuring traceability back to Hardware, Firmware, Software, Ports, Protocols, and Services (PPS) lists and ACAS, while complying with DISA/NAVFAC standards.

• Review system PPS lists and ensure compliance in accordance with Department of Defense Instruction (DoDI) 8551.01.

• Interact frequently with internal personnel and external representatives at various levels.

• Support regular status and requirements meetings to facilitate the RMF process.

Qualifications:

• Must possess an active Secret clearance

• BA/BS in Information Technology, Cyber Security, Computer Science, or a related discipline.

• Minimum compliance with DoD Manual 8570.01M (or equivalent) Cyber Information Technology/Cybersecurity Workforce IAT Level II required; IAM Level III preferred.

• 5-8 years of experience in an Information Technology or Cyber Security environment supporting the Department of Defense.

• Experience with Enterprise Mission Assurance Support Service (eMASS).

• Experience with Assured Compliance Assessment Solution (ACAS).

• Familiarity with Security Technical Implementation Guides (STIGs).

• Experience with DON Vulnerability Remediation Asset Manager (VRAM).

• Proficiency in:

  • Microsoft operating systems

  • Microsoft SQL

  • Red Hat Linux

  • Cisco

  • Aruba wireless

  • MS Office

  • MS Visio

• Experience developing Assessment and Authorization (A&A) documentation.

• Experience with the latest Risk Management Framework (RMF) and NIST SP 800-53 guidelines as an Information Systems Security Engineer (ISSE).

• Knowledge of US Naval communication suites, including LAN, WAN, and RF paths.

• Working knowledge of servers, software, networking equipment, and other infrastructure elements.

• Familiarity with the DoD Information Technology Portfolio Repository-Navy (DITPR-DON) / DON Application and Database Management System (DADMS) and the requirements for their use.

• Ability to communicate effectively, both verbally and in writing.

• Ability to excel in a fast-paced program office environment.

• Strong attention to detail.

At IT Veterans LLC, we are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates without regard to race, color, religion, sex, pregnancy, national origin, age, physical and mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information, military and veteran status, and any other characteristic protected by applicable law. We believe that diversity and inclusion among our teammates is critical to our success.