Jobs · Information Technology · Virginia

Senior Information Systems Security Engineer (RMF Lead)

ASEC · Virginia Beach, VA · 2 days ago
On-siteInformation Technology$160k–$180k/yrFull-time

What You'll Do

As the Senior Information Systems Security Engineer (ISSE)/RMF Lead, you will serve as the cybersecurity authority supporting advanced Live, Virtual, and Constructive (LVC) training environments that prepare Navy and coalition forces for real-world combat operations. You will lead the integration of cybersecurity requirements into mission systems, networks, and simulation environments while overseeing all Risk Management Framework (RMF) activities required to maintain operational authorization.

You will work across engineering, network, and program teams, helping ensure the secure delivery of realistic, high-fidelity training capabilities that enable warfighter readiness against emerging and advanced threats. This position is based at the NAS Oceana Dam Neck Annex in Virginia Beach, VA.

Key Responsibilities

  • Lead cybersecurity engineering efforts across LVC training systems and supporting infrastructure.

  • Integrate security requirements throughout the system development lifecycle.

  • Develop security architectures that support operational requirements while meeting DoD cybersecurity standards.

  • Conduct security design reviews and provide technical guidance to engineering teams.

  • Lead all Risk Management Framework (RMF) activities for assigned systems and enclaves.

  • Develop and maintain RMF packages, including System Security Plans (SSPs), security assessments, and authorization artifacts.

  • Cook up coordination with Government Authorizing Officials (AOs), Security Control Assessors (SCAs), and cybersecurity stakeholders.

  • Track and resolve cybersecurity findings and authorization conditions.

  • Ensure compliance with DoDI 8510.01 (RMF), NIST SP 800-53, DoD Cyber, Workforce requirements, DISA Security Technical Implementation Guides (STIGs), and Navy and NAVAIR cybersecurity policies.

  • Securely integrate between operational systems, simulators, and external interfaces.

  • Review ACAS, vulnerability scans, and security assessment results.

  • Prioritize and coordinate remediation activities across engineering, network, and system administration teams.

  • Track Plans of Action and Milestones (POA&Ms) through closure.

  • Assess cybersecurity risks associated with distributed training events.

  • Evaluate security implications of integrating live platforms, simulators, and threat-representation systems.

  • Support cross-domain and multi-level security solutions where required.

  • Ensure training systems can emulate realistic threats without introducing unacceptable cybersecurity risk.

  • Cook up cybersecurity requirements for coalition and joint interoperability events.

Requirements

  • Bachelor's degree in Cybersecurity, Information Systems, Computer Science, Engineering, or a related technical field and ten (10) years of relevant DoD cybersecurity experience.

  • Additional directly related experience may be substituted for a degree where permitted.

  • Minimum of five (5) years of experience leading Risk Management Framework (RMF) activities in accordance with DoDI 8510.01, including development of SSPs, security assessments, authorization packages, and ATO documentation.

  • Demonstrated experience implementing and maintaining cybersecurity controls in accordance with NIST SP 800-53, DISA STIGs, ACAS vulnerability management, and POA&M remediation.

  • Experience designing and integrating cybersecurity solutions for complex DoD information systems, networks, or mission systems throughout the system development lifecycle.

  • Experience coordinating with Government Authorizing Officials (AOs), Security Control Assessors (SCAs), engineering teams, and system administrators to achieve and maintain cybersecurity compliance and system authorization.

  • Experience supporting Navy, NAVAIR, or other DoD programs involving classified information systems, distributed networks, or LVC training environments is highly desired.

Certification Requirements

Candidates must hold a current IAM-III certification (e.g., CISM, CISSP, or GSLC) as defined by DoD 8570.01-M. Please upload copies of any relevant IT certifications as part of your application.

Equally Important

  • Ability to build positive, collaborative relationships across teams and with external partners.

  • Effective communicator with strong verbal and written skills.

  • Proactive, self-directed work style with the ability to operate independently.

  • Analytical thinker with proven problem-solving capabilities.

  • Highly organized, with the ability to balance competing priorities in a fast-paced environment.

Who We Are

ASEC offers meaningful, mission-driven work within a culture that supports your professional and personal growth. We partner with our government customers to deliver innovative solutions across engineering, information technology, training, and logistics. Above all, we are committed to doing what’s right for the Warfighter—plain and simple.

Why work at ASEC?

  • 100% employee-owned company.

  • Comprehensive benefits package, including 11 paid holidays, medical/dental/vision coverage, HSA/FSA options, disability insurance, and more!

  • Tuition assistance for undergraduate and graduate education.

  • Veteran-friendly employer.

  • Thriving employee culture.

Send this job posting to a friend!

Similar jobs