Senior Information Systems Security Engineer (RMF Lead)
Virginia Beach, VA - USA
Job Summary
What Youll Do:
As the Senior Information Systems Security Engineer (ISSE)/RMF Lead you will serve as the cybersecurity authority supporting advanced Live Virtual and Constructive (LVC) training environments that prepare Navy and coalition forces for real-world combat operations. You will lead the integration of cybersecurity requirements into mission systems networks and simulation environments while overseeing all Risk Management Framework (RMF) activities required to maintain operational authorization. Working across engineering network and program teams you will help ensure the secure delivery of realistic high-fidelity training capabilities that enable warfighter readiness against emerging and advanced threats.
This position will be based at the NAS Oceana Dam Neck Annex in Virginia Beach VA.
Key Responsibilities:
- Lead cybersecurity engineering efforts across Live Virtual and Constructive (LVC) training systems and supporting infrastructure.
- Develop and integrate cybersecurity requirements throughout the system development lifecycle (SDLC) from concept and design through implementation and system modernization.
- Design secure system architectures and engineering solutions that satisfy mission objectives while meeting DoD cybersecurity requirements.
- Perform security architecture reviews system design analyses and engineering trade studies to ensure cybersecurity is integrated into new and evolving capabilities.
- Define cybersecurity design requirements for networks mission systems simulation environments and supporting infrastructure.
- Lead Risk Management Framework (RMF) engineering activities for assigned systems ensuring cybersecurity design decisions support successful authorization.
- Conduct security design reviews and provide technical guidance to engineering teams.
- Develop and maintain RMF packages including System Security Plans (SSPs) security assessments and authorization artifacts.
- Coordinate with Government Authorizing Officials (AOs) Security Control Assessors (SCAs) and cybersecurity stakeholders.
- Evaluate the cybersecurity impacts of new technologies interfaces mission capabilities and system modifications recommending engineering solutions to reduce operational risk.
- Track and resolve cybersecurity findings and authorization conditions.
- Ensure compliance with DoDI 8510.01 (RMF) NIST SP 800-53 DoD Cyber Workforce requirements DISA Security Technical Implementation Guides (STIGs) and Navy and NAVAIR cybersecurity policies.
- Ensure secure integration between operational systems simulators and external interfaces.
- Review ACAS vulnerability scans and security assessment results.
- Prioritize and coordinate remediation activities across engineering network and system administration teams.
- Track Plans of Action and Milestones (POA&Ms) through closure.
- Assess cybersecurity risks associated with distributed training events.
- Evaluate security implications of integrating live platforms simulators and threat-representation systems.
- Support cross-domain and multi-level security solutions where required.
- Ensure training systems can emulate realistic threats without introducing unacceptable cybersecurity risk.
- Coordinate cybersecurity requirements for coalition and joint interoperability events.
- This position may require up to 25% annual travel.
This description outlines the general nature and scope of the role. Additional duties may be assigned as necessary.
What Youll Bring:
- Bachelors degree in Cybersecurity Information Systems Computer Science Engineering or a related technical field and ten (10) years of relevant DoD cybersecurity experience. Additional directly related experience may be substituted for a degree where permitted.
- Minimum of five (5) years of experience leading Risk Management Framework (RMF) activities in accordance with DoDI 8510.01 including development of SSPs security assessments authorization packages and ATO documentation.
- Demonstrated experience implementing and maintaining cybersecurity controls in accordance with NIST SP 800-53 DISA STIGs ACAS vulnerability management and POA&M remediation.
- Experience designing and integrating cybersecurity solutions for complex DoD information systems networks or mission systems throughout the system development lifecycle.
- Experience coordinating with Government Authorizing Officials (AOs) Security Control Assessors (SCAs) engineering teams and system administrators to achieve and maintain cybersecurity compliance and system authorization.
- Experience supporting Navy NAVAIR or other DoD programs involving classified information systems distributed networks or Live Virtual and Constructive (LVC) training environments is highly desired.
Certification Requirements:
- Candidates must hold a current IAM-III certification (e.g. CISM CISSP or GSLC) as defined by DoD 8570.01-M. Please upload copies of any relevant IT certifications as part of your application. These documents help us verify qualifications during the initial screening process.
Equally Important:
- Ability to build positive collaborative relationships across teams and with external partners.
- Effective communicator with strong verbal and written skills.
- Proactive self-directed work style with the ability to operate independently.
- Analytical thinker with proven problem-solving capabilities.
- Highly organized with the ability to balance competing priorities in a fast-paced environment.
ASEC is committed to providing access and reasonable accommodation in its services activities programs and employment opportunities in accordance with the Americans with Disabilities Act and other applicable laws.
Security Clearance Requirement:
- This position requires U.S. citizenship and an active DoD Top Secret clearance. Selected candidate will be subject to a government security investigation and must meet eligibility requirements for access to classified information.
Salary Range:
- The anticipated annual salary range for this position is $160000 - $180000 commensurate with an individuals experience qualifications and skill set. ASEC is committed to providing fair and equitable compensation.
Who We Are:
ASEC offers meaningful mission-driven work within a culture that supports your professional and personal growth. We partner with our government customers to deliver innovative solutions across engineering information technology training and logistics. Above all we are committed to doing whats right for the Warfighterplain and simple. Explore what makes ASEC different by visiting our website.
Why work at ASEC
- 100% employee-owned company. Learn more about our Employee Stock Ownership Plan (ESOP) here!
- Comprehensive benefits package including 11 paid holidays medical/dental/vision coverage HSA/FSA options disability insurance and more!
- 401(k) with company match
- Tuition assistance for undergraduate and graduate education
- Veteran-friendly employer
- Thriving employee culture
Not the right opportunity for you Send this job posting to a friend!
ASEC is an Equal Opportunity Employer. We recruit hire train compensate and promote employees based on qualifications merit and business needs without regard to race color religion sex national origin ancestry age marital status sexual orientation gender identity or expression disability veteran status genetic information pregnancy or related conditions (including breastfeeding) or any other status protected by law.
ASEC also complies with all applicable pay transparency laws and will not discriminate against employees or applicants for inquiring about discussing or disclosing compensation.
Required Experience:
Senior IC
About Company
ASEC is an award-winning, employee-owned small business focused on providing value and innovation in the areas of engineering, training, flight services, and more.