NISSC 3 Information Systems Security Engineer II (ISSE)

AMERICAN SYSTEMS is seeking our next Information Systems Security Enigneer II (ISSE)

As an Information Systems Security Engineer II (ISSE) on the NISSC 3 program you will analyze design and implement technical security controls to protect mission-critical information systems and ensure continuous compliance with RMF NIST and DoD cybersecurity requirements.
You will perform configuration vulnerability and risk assessments; deploy and validate security tools; support Assessment & Authorization (A&A) activities; and provide technical leadership for cybersecurity integration across complex systems. You will work closely with systems engineering configuration management and the EDLM/UDLM (Emergency/Urgent Depot Level Maintenance) Manager to maintain cyber readiness and support incident response.

• Ensure automated information system (AIS) and network nodes are operated maintained and
• Analyze design and implement technical security controls for complex information systems in accordance with RMF NIST and DoD requirements.
• Perform configuration assessments vulnerability assessments and risk assessments for systems applications and supporting infrastructure.
• Configure deploy and validate security tools and technologies to monitor detect and protect against cyber threats.
• Support the development documentation and maintenance of assessment and authorization (A&A) packages including system security plans (SSPs) plans of action and milestones (POA&Ms) and supporting artifacts.
• Conduct security impact analyses for system changes and recommend appropriate security engineering solutions.
• Participate in incident tracking and remediation activities; support root-cause analysis and corrective actions to prevent recurrence.
• Provide technical leadership and guidance on systems security engineering best practices to project teams and stakeholders.
• Oversee cybersecurity integration across systems ensuring security controls are effectively implemented during design development test deployment and sustainment.
• Support vulnerability management activities including scanning analysis remediation planning and status reporting.
• Develop and submit security reports threat analyses and risk summaries to support program decision-making and senior leadership updates.
• Collaborate closely with the EDLM/UDLM Manager to ensure that emergency and urgent depot-level maintenance actions comply with cybersecurity requirements and do not introduce unacceptable risk.
• Contribute to continuous improvement of cybersecurity processes procedures and tooling in alignment with evolving DoD and NIST guidance.

• 46 years of relevant hands-on experience in systems security engineering cybersecurity engineering information assurance or related discipline ideally within a DoD or similarly regulated environment.
• Advanced knowledge of systems security engineering principles and practices with demonstrated experience designing and implementing technical security controls.
• Hands-on experience conducting configuration assessments vulnerability assessments and risk assessments for DoD or similar high-assurance systems.
• Proven ability to configure manage and validate security tools and technologies in support of RMF NIST and DoD compliance.
• Experience supporting the development and maintenance of RMF A&A packages including security documentation control implementation statements and evidence collection.
• Demonstrated capabilities in incident tracking triage remediation support and collaboration with incident response teams.
• Proficiency in developing advanced security solutions and overseeing cybersecurity integration across complex systems and environments.
• Experience with one or more of the following tools (or similar):
  • eMASS XACTA CORE
  • ACAS
  • SCAP tools
  • Nessus
  • Checkmarx
  • ZAP DAST
• Ability to interpret and apply DoD NIST and RMF policy standards and guidance in an operational environment.
• Strong written and verbal communication skills including experience producing technical documentation security reports and risk/threat analyses.
• Must hold at least one qualifying DoD 8140 certification (e.g. CCSP Cloud CSC GCLD GSEC SecurityX/CASP).
• Active DoD Secret clearance with eligibility to obtain TS/SCI.
• Bachelors degree in one of the following (or closely related) fields:
  • Information Technology (IT)
  • Cybersecurity
  • Computer Science (CS)
  • Information Systems (IS)
  • Data Science
  • Software Engineering
    OR Equivalent DoD/Military training in cybersecurity information assurance or systems security engineering.