Information Systems Security Engineer - Intermediate (ISSE) - Se with Security Clearance
Job Summary
Perform vulnerability scanning and assessment activities using tools such as ACAS and Evaluate-STIG, ensuring accurate configuration, execution, validation, and reporting of results.
Support systems undergoing the acquisition lifecycle by assessing cybersecurity risks, identifying vulnerabilities, and recommending mitigation strategies in accordance with RMF and NAVAIR guidance.
Execute cybersecurity testing and validation activities for systems undergoing Assess and Authorize (A&A).
Develop, review, and maintain RMF artifacts and supporting documentation to ensure compliance with DoD and NAVAIR cybersecurity requirements.
Assess risks to IT assets using available threat and vulnerability intelligence and provide clear, actionable risk recommendations.
Provide technical expertise to identify security-related issues affecting current and planned systems, networks, and architectures within the NAVAIR enterprise and RDT&E environments.
Respond to and assist with the investigation of cybersecurity incidents, vulnerabilities, and malware events as required.
Serve as the primary and sole on-site cybersecurity resource, independently managing assigned tasks, priorities, and deliverables while coordinating with off-site team members and government stakeholders.
Maintain awareness of emerging cybersecurity threats, tools, and best practices, and provide documented recommendations when appropriate.
Maintain required training, certifications, and technical proficiency to adapt to evolving cyber threat landscapes and mission needs.
Qualifications
- Active DoD Secret clearance.
- Minimum 3 years of hands-on cybersecurity experience implementing, upgrading and monitoring security measures for the protection of computer networks and information.
- Demonstrated experience performing vulnerability scanning and compliance assessments using tools such as ACAS and/or Evaluate-STIG.
- Experience supporting RMF / A&A processes, including development, maintenance, or review of cybersecurity documentation and artifacts.
- Experience identifying, assessing, and documenting cybersecurity risks and mitigation strategies.
- Ability to work independently as the sole on-site cybersecurity resource, managing workload, priorities, and task execution with minimal supervision.
- Strong attention to detail and ability to produce accurate, first-pass cybersecurity deliverables.
- One or more of the following DoD 8140 qualifications:
- Certified Cloud Security Professional (CCSP)
- CompTIA Cloud+
- CompTIA SecurityX (Formerly CASP+)
- BS degree in Cybersecurity, Information Technology, Computer Science, Information Systems, Data Science, or Software Engineering.
Desired Qualifications
- Experience supporting NAVAIR, Navy, or DoD RDT&E environments.
- Hands-on experience with ACAS scan configuration, execution, validation, and reporting.
- Hands-on experience using Evaluate-STIG for STIG assessments, compliance tracking, and remediation support.
- Experience working with eMASSTER, Xacta, or similar RMF tools.
- Experience supporting systems across classified and unclassified networks.
- Familiarity with STIG implementation, POA&M development, and vulnerability remediation tracking.
- Experience supporting cybersecurity efforts during system acquisition, testing, and A&A phases.
- Demonstrated ability to operate autonomously while maintaining effective communication with remote teams and government stakeholders.