Yesterday
Secret
Senior Level Career (10+ yrs experience)
Unspecified
No Traveling
IT - Security
Va Bch, VA (On-Site/Office)
This position is contingent upon funding with an expected start date of December 2025
SECRET Clearance required
SRG is seeking an Information System Security Engineer (ISSE) to perform STIG assessments using SCAP benchmarks, conduct vulnerability assessments with ACAS, manage compliance tracking in eMASS, develop POA&Ms, and complete RMF Step 5 authorizations
On-site only, no telework.
Position Responsibilities:
Conduct Security Technical Implementation Guide (STIG) assessments using SCAP benchmarks and Evaluate STIG to ensure compliance with security standards.
Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) tool.
Execute processes within Enterprise Mission Assurance Support Service (eMASS) for security authorization and compliance tracking.
Develop and maintain Plans of Action and Milestones (POA&M) to address security vulnerabilities and ensure risk mitigation.
Complete Risk Management Framework (RMF) Step 5 authorizations in an Information System Security Engineer (ISSE) capacity.
Provide recommendations to stakeholders on risk reduction strategies and security enhancements.
Ensure compliance with DoD 8570.01-M and DFARS 252.239-7001 security baseline requirements.
Required Qualifications:
Education: Bachelor’s degree in Cybersecurity, Cyber Operations, Cyber Engineering, Information System,
Information Technology, Computer, Electrical, or Electronics Engineering, Software Engineering, Computer
Science, Mathematics with a concentration in Computer Science, or equivalent to above disciplines.
Certification:
• DoD 8570.01-M in accordance with (IAW) DFARS 252.239-7001 Baseline Certification, minimum IAM
Level II.
Experience:
• Ten (10) years of full-time professional experience performing Risk Management Framework activities.
• Demonstrated experience in the following areas:
o Performing STIG assessments to include using SCAP benchmarks and Evaluate STIG.
o Performing vulnerability assessments with the Assured Compliance Assessment Solution tool.
o Utilization and process execution within eMASS;
o Developing Plans of Actions and Milestones (POA&M) entries.
o Completing Risk Management Framework Step 5 authorizations in the ISSE capacity; and
o Communicating risk reduction recommendations to stakeholders.
SECRET Clearance required
SRG is seeking an Information System Security Engineer (ISSE) to perform STIG assessments using SCAP benchmarks, conduct vulnerability assessments with ACAS, manage compliance tracking in eMASS, develop POA&Ms, and complete RMF Step 5 authorizations
On-site only, no telework.
Position Responsibilities:
Conduct Security Technical Implementation Guide (STIG) assessments using SCAP benchmarks and Evaluate STIG to ensure compliance with security standards.
Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) tool.
Execute processes within Enterprise Mission Assurance Support Service (eMASS) for security authorization and compliance tracking.
Develop and maintain Plans of Action and Milestones (POA&M) to address security vulnerabilities and ensure risk mitigation.
Complete Risk Management Framework (RMF) Step 5 authorizations in an Information System Security Engineer (ISSE) capacity.
Provide recommendations to stakeholders on risk reduction strategies and security enhancements.
Ensure compliance with DoD 8570.01-M and DFARS 252.239-7001 security baseline requirements.
Required Qualifications:
Education: Bachelor’s degree in Cybersecurity, Cyber Operations, Cyber Engineering, Information System,
Information Technology, Computer, Electrical, or Electronics Engineering, Software Engineering, Computer
Science, Mathematics with a concentration in Computer Science, or equivalent to above disciplines.
Certification:
• DoD 8570.01-M in accordance with (IAW) DFARS 252.239-7001 Baseline Certification, minimum IAM
Level II.
Experience:
• Ten (10) years of full-time professional experience performing Risk Management Framework activities.
• Demonstrated experience in the following areas:
o Performing STIG assessments to include using SCAP benchmarks and Evaluate STIG.
o Performing vulnerability assessments with the Assured Compliance Assessment Solution tool.
o Utilization and process execution within eMASS;
o Developing Plans of Actions and Milestones (POA&M) entries.
o Completing Risk Management Framework Step 5 authorizations in the ISSE capacity; and
o Communicating risk reduction recommendations to stakeholders.
group id: 91127911
