Yesterday
Top Secret/SCI
Senior Level Career (10+ yrs experience)
$112,000 - $179,000
IT - Security
Herndon, VA (On-Site/Office)
ISSO
Location: Herndon, Virginia
Clearance: TS/SCI with ability to obtain an SCI and pass a Poly
Salary: $112,000 - $179,000
Certification: DoD 8570 Baseline Certification (e.g., Security+, CISSP)
Seeking a highly skilled Information Assurance/Security Engineer to support Assessment & Authorization (A&A) and cybersecurity operations across multiple mission systems. This position requires a professional with hands-on expertise in the Risk Management Framework (RMF), information system security planning, and continuous monitoring in secure government environments.
Key Responsibilities
Design and implement security controls and safety measures in accordance with RMF (ICD 503, CNSSI-1253, NIST 800-37, NIST 800-53, etc.).
Lead A&A activities and produce comprehensive Information Assurance documentation across multiple systems and CLINs.
Author and maintain System Security Plans (SSPs) and supporting documentation within Xacta.
Develop Security Controls Traceability Matrices (SCTM) and Security Test Plans (STP).
Analyze system vulnerabilities, recommend mitigation strategies, and implement improvements.
Conduct log reviews, vulnerability analyses (e.g., ACAS, TwistLock, SonarQube), and apply DISA STIGs using STIG Viewer.
Create and manage Plan of Action and Milestones (POA&Ms) and work with engineers and PMs to address open findings.
Support continuous monitoring efforts and audit system usage.
Collaborate with development and architecture teams to identify, define, and satisfy security requirements.
Maintain situational awareness of network status and provide timely communications of anomalies or security events.
Required Qualifications
Bachelor's degree in Cybersecurity, Computer Science, or a related field coupled with 8+ years of experience supporting A&A and RMF-based documentation and processes (6+ years with MS; 12+ years in lieu of degree may be considered).
DoD 8570 Baseline Certification (e.g., Security+, CISSP).
Experience with RMF, Xacta, SIEM tools (e.g., Splunk), and vulnerability scanning.
Practical understanding of control testing and risk assessments.
Excellent analytical and problem-solving skills.
Willingness to work flexible hours if mission needs dictate.
Desired Qualifications
Experience with AWS or Google Cloud Platform cybersecurity practices.
Familiarity with Red Hat or CentOS Linux systems.
Prior experience working in a DevSecOps environment and toolchain.
Familiarity with agile development and CI/CD pipelines in secure settings.
Location: Herndon, Virginia
Clearance: TS/SCI with ability to obtain an SCI and pass a Poly
Salary: $112,000 - $179,000
Certification: DoD 8570 Baseline Certification (e.g., Security+, CISSP)
Seeking a highly skilled Information Assurance/Security Engineer to support Assessment & Authorization (A&A) and cybersecurity operations across multiple mission systems. This position requires a professional with hands-on expertise in the Risk Management Framework (RMF), information system security planning, and continuous monitoring in secure government environments.
Key Responsibilities
Design and implement security controls and safety measures in accordance with RMF (ICD 503, CNSSI-1253, NIST 800-37, NIST 800-53, etc.).
Lead A&A activities and produce comprehensive Information Assurance documentation across multiple systems and CLINs.
Author and maintain System Security Plans (SSPs) and supporting documentation within Xacta.
Develop Security Controls Traceability Matrices (SCTM) and Security Test Plans (STP).
Analyze system vulnerabilities, recommend mitigation strategies, and implement improvements.
Conduct log reviews, vulnerability analyses (e.g., ACAS, TwistLock, SonarQube), and apply DISA STIGs using STIG Viewer.
Create and manage Plan of Action and Milestones (POA&Ms) and work with engineers and PMs to address open findings.
Support continuous monitoring efforts and audit system usage.
Collaborate with development and architecture teams to identify, define, and satisfy security requirements.
Maintain situational awareness of network status and provide timely communications of anomalies or security events.
Required Qualifications
Bachelor's degree in Cybersecurity, Computer Science, or a related field coupled with 8+ years of experience supporting A&A and RMF-based documentation and processes (6+ years with MS; 12+ years in lieu of degree may be considered).
DoD 8570 Baseline Certification (e.g., Security+, CISSP).
Experience with RMF, Xacta, SIEM tools (e.g., Splunk), and vulnerability scanning.
Practical understanding of control testing and risk assessments.
Excellent analytical and problem-solving skills.
Willingness to work flexible hours if mission needs dictate.
Desired Qualifications
Experience with AWS or Google Cloud Platform cybersecurity practices.
Familiarity with Red Hat or CentOS Linux systems.
Prior experience working in a DevSecOps environment and toolchain.
Familiarity with agile development and CI/CD pipelines in secure settings.
group id: 10507520
