Information System Security Engineer

Job Details

Information System Security Engineer

Jacksonville, Florida




Job Description

  • The candidate will take on the role of Information System Security Engineer (ISSE) for the Risk Management Framework (RMF) Assessment and Authorization (A&A) process, tasked with developing RMF security authorization packages to obtain Authorizations to Operate (ATOs). 
  • As the Information System Security Engineer (ISSE), you will be responsible for the activities listed below.
    • Support CNRSE IAM / CIO with RMF package development as ISSE.
    • Assemble all required documentation as outlined by the ISSM and CNIC for the RMF packages.
    • Tailor security controls out of NIST SP 800-53 rev 4 for the systems.
    • Develop a Security Assessment Plan (SAP) in accordance with the Navy Security Control Assessor (SCA) A&A Testing Guidance.
    • Assess security controls, Security Technical Implementation Guides (STIGs), and Assured Compliance Assessment Solution (ACAS) scans in accordance with the SAP.
    • Build risk assessment report (RAR) incorporating all findings discovered in testing, and documenting an analysis of each finding.
    • Create system authorization boundary diagrams encompassing traceability back to Hardware, Firmware, Software, and Ports, Protocols and Services (PPS) lists. 
    • Fill out the status of all security controls, enhancements, and control correlation identifiers (CCIs) in eMASS.
    • Prepare for and conduct technical briefings at meetings with internal and external representatives.
    • Interacts frequently with internal personnel and outside representatives at various levels.
    • Assist in developing schedules and plans of actions and milestones (POA&M) for producing deliverable products and reports within customer-directed timelines.
    • Coordinate with field activities, obtaining statuses and providing RMF guidance for all CNIC CNRSE packages.

Candidate Qualifications:

  • Must possess an active Secret Security Clearance.
  • Must meet 8570 Workforce IAT Level II, IAM Level III preferred.
  • Must have a BS in Information Technology, Cyber Security, Computer Science, or related discipline.
  • Must have 15 years in Information Technology.
  • Must have 3-5 years experience in a Cyber Security environment to include RMF and eMASS experience.
  • Navy RMF experience preferred but not required.

© 2020, Bond International Software, Inc.
All rights reserved.
Version 2020.2.7us