Information System Security Engineer (ISSE) II

Position Overview:

JMA Resources is seeking a highly motivated Information Systems Security Engineer (ISSE) to join our this role you will assess and validate the implementation of approved security controls and evaluate system weaknesses. You will prepare security assessment reports with findings and results as well as supporting documentation and remediation efforts. As a trusted partner to both the client and team the ISSE ensures compliance strengthens security posture and supports operational objectives.

Responsibilities:

• Oversee the development and maintenance of a systems cybersecurity solutions.
• Identify Authorizing Official (AO) and Security Control Assessor (SCA) cognizance of the system as well as any specific authorization requirements such as reciprocity cross-domain and applicable overlays to support system categorization
• Identify and tailor the security control baseline with applicable overlays.
• Assist with the development maintenance and tracking of the System Security Plan (SP).
• Lead the security control implementation and testing efforts.
• Perform vulnerability-level risk assessment on the Plan of Action and Milestones (POA&M) or Corrective Action Plan (CAP).
• Execute security testing required as part of Assessment & Authorization (A&A) or annual reviews.
• Ensure the mitigation and closure of open vulnerabilities under the systems change control process.
• Plan and perform cybersecurity testing to assess security controls and record security control compliance status during sustainment.
• Oversee cybersecurity testing to assess security controls and record security control compliance status during the continuous monitoring phase of the lifecycle.
• Ensure data entered in the Enterprise Mission Assurance Support Services (eMASS) record and POA&M is consistent with implementation results.
• Utilize the Collaboration Board in the eMASS for all formal coordination during the RMF process; post detailed findings in the Artifacts tab as required.
• Document and provide all requested rework to the Program Security Office (PSO) or Program Management Office (PMO) for review.
• Participate in the system engineering process to ensure the systems security and cybersecurity requirements design and testing are addressed throughout the system lifecycle.
• Carry out other related duties as assigned demonstrating flexibility and adaptability in meeting evolving client and company needs.

Clearance Level:

• Current or ability to obtain a Department of Defense (DoD) Secret Clearance is required.Note: To obtain a security clearance you must be a U.S. citizen and meet the 13 adjudicative guidelines.

Required Qualifications:

• 3 years of experience in information security engineering system assessment or related field including experience in:
  • Documenting RMF A&A requirements (U.S. Navy RMF process preferred).
  • Performing RMF testing of all CS requirements and analysis needed to complete an RMF package for submittal and approval.
  • Conducting vulnerability risk analysis and documenting deficiencies found during RMF testing.
  • Using IA tools and scanners to evaluate the security posture of the system/enclave.
  • Managing documentation within eMASS.
• Working knowledge of the RMF and A&A processes.
• Strong understanding of federal security standards including FISMA FIPS and NIST Special Publications.
• Proficiency in vulnerability management processes security control implementation and audit preparation.
• Strong analytical and problem-solving skills.
• Excellent verbal and written communication skills for preparing documentation and collaborating with cross-functional teams.
• Attention to detail and accuracy.
• Ability to work independently as well as in a collaborative team environment.
• Flexibility to adapt to changing priorities while supporting both team members and client requirements.
• Must hold one of the following certifications:
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Governance Risk and Compliance (CGRC)
  • GIAC Security Leadership (GSLC)
  • CompTIA Advanced Security Practitioner (CASP)
  • Certified Chief Information Security Officer (C-CISO)

Preferred Qualifications:

• Bachelors degree in Cybersecurity Computer Science Information Systems or related field.
• Understanding of the U.S. Navy RMF Process Guide.

Creating an Environment of Respect and Opportunity:

At JMA Resources we value the many paths people take to develop their skills and expertise and we welcome candidates from all backgrounds. Your qualifications may come from a variety of experiences including formal education certifications professional development mentorship hands-on work or a unique combination of these. We encourage you to share the distinctive journey that has prepared you for this role during your interviews.

Location & Commitments:

• Position: Full Time
• Work Arrangement:
  • Hybrid - On-site for a week a minimum each quarter at our client site in Mechanicsburg Pennsylvania.
• Travel Requirements: Is required.
• Location Preference: Must reside within a 6-hour drive of Mechanicsburg Pennsylvania due to client requirements.
• Work Hours: A typical workday consists of eighthours totaling a forty-hour workweek. We understand that there may be times when employees will need to adjust their work hours due to client needs or personal reasons. To help balance these demands we offer some flexibility in work schedules.

What We Offer:

• Competitive salary and discretionary bonuses.
• Comprehensive health benefits including medical dental and vision insurance.
• Flexible Paid Time Off (PTO) and holidays to help you maintain a healthy work-life balance.
• Opportunities for professional development and continued learning.
• Hybrid/remote work arrangement with flexible hours.
• 401(k) retirement plan with company match.
• Employee recognition programs and company events.

JMA Resources is an equal opportunity employer committed to achieving a workforce with an environment free of discrimination and harassment. All aspects of employment including recruitment hiring promotions transfers discipline terminations wage and salary administration benefits and training are based on business needs job requirements and individual qualifications without regard to race age color physical or mental disability religion gender sexual orientation gender identity/expression marital status national origin political affiliation or protected veteran status.

At JMA Resources we are dedicated to fostering an inclusive environment for all qualified individuals. We provide reasonable accommodations to persons with disabilities to ensure equal access throughout the application and hiring process. If you needassistanceor require an accommodation please reach out to Amy Foy VP of Employee Experience at.

Required Experience:

Manager