Information System Security Engineer (ISSE)

We are seeking a highly skilled Information Systems Security Engineer (ISSE) to join our team supporting multiple DoD programs. The ISSE will be responsible for ensuring the security of our information systems in accordance with Department of Defense (DoD) regulations and instructions, including DoDI 8500.01, DoDM 5200.01, DoDI 8510.01 and DoDM 8140.03. The ideal candidate will have a strong background in cybersecurity, risk management, and information assurance.

• Develop, implement, and maintain security policies, procedures, and controls in compliance with DoDI 8500.01 (Cybersecurity Program) and DoDI 8510.01 (Risk Management Framework)
• Conduct security assessments and audits to identify vulnerabilities and ensure compliance with DoDM 5200.01 (Information Security Program)
• Collaborate with system owners, developers, and other stakeholders to integrate security requirements into system design and development processes
• Perform risk assessments and develop mitigation strategies to address identified risks
• Ensure the proper classification, marking, and protection of DoD information in accordance with DoDM 5200.01
• Understanding of cloud native applications and networking knowledge
• Provide guidance and support for the implementation of security controls and the development of security documentation
• Able to provide recommendations on how to resolve security issues
• Monitor and respond to security incidents, ensuring timely resolution and reporting
• Stay current with emerging cybersecurity threats and technologies, and recommend improvements to enhance the security posture of the organization
• Perform data analytics, use automated processes, data, metrics, and analysis, training, and related support activities to provide operational efficiencies and management decision support
• Act as the technical subject matter expert and specialize in designing and architecting the security architecture of Government information systems to meet or exceed the applicable security requirements
• Capture and refine information system requirements and ensure integration of those requirements into information systems
• Define and staff a team, including critical action teams needed to address high impact vulnerabilities, allowing existing work to continue unabated

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field
• Minimum of five years of experience in information systems security or a related field
• In-depth knowledge of DoD cybersecurity policies and procedures, including DoDI 8500.01, DoDM 5200.01, DoDI 8510.01 and DoDM 8140.03
• Experience with risk management frameworks and security assessment methodologies.
• Understanding of DevSecOps strategy and cloud native applications
• Strong analytical and problem-solving skills
• Strong oral and written communications skills
• Strong interpersonal skills
• Relevant certifications such as CISSP, CISM, or CEH are preferred
• Experience in data analytics and automated processes is highly desirable
• Proven ability to act as a technical subject matter expert and design security architectures
• Experience in team leadership and staffing critical action teams is a plus