ISSE SME

This position focuses on maintaining support of cybersecurity, risk management, and compliance across dynamic environments including cloud-based systems, virtual workspace solutions, infrastructure and data center systems, wide area and local area networks (classified and unclassified) and software development environments.

Responsibilities

The ISSE will bridge compliance and technology-ensuring Coast Guard systems meet cybersecurity and accreditation requirements under DoD RMF and NIST SP 800-series guidance, while actively engaging with engineers and administrators to embed security into operations and design.

This role requires both policy fluency and technical literacy, particularly in areas like cloud architecture, virtualization, DevSecOps pipelines, workplace productivity solutions, networks and network security, and ICAM solutions.

• Support the Risk Management Framework (RMF) lifecycle, including categorization, control selection, assessment, and authorization.
• Develop and maintain key documentation such as System Security Plans (SSPs), Security Assessment Reports (SARs), and POA&Ms.
• Collaborate with infrastructure, DevSecOps, and cloud engineering teams to ensure security controls are implemented in virtualized and containerized environments.
• Evaluate and document compliance for FedRAMP DoD IL2/4/5/6, or other cloud baselines as applicable.
• Participate in technical design reviews to ensure alignment with RMF, Zero Trust, and ICAM principles.
• Support implementation and continuous monitoring of security controls within Microsoft Azure Government, AWS GovCloud, or DoD Cloud environments.
• Analyze and mitigate vulnerabilities identified through automated scans or assessments.
• Work with product managers to proactively plan security compliance and review ongoing security engineering tasks and projects
• Coordinate with ISSOs, system owners, and Authorizing Officials (AOs) to maintain Authority to Operate (ATO) status and ensure timely remediation of findings.
• Facilitate approvals for network interconnections such as the Boundary Cloud Access Point (BCAP) and DISA System/Network Approval Process (SNAP) through the provisioning of required documentation
• Support Product Teams in the preparation, response, and finding remediation for JFHQ-DoDIN Cyber Operational Readiness Assessments (CORAs)
• Manage ISSE team in accordance with product line expectations, successfully translating security needs of all portfolio products into appropriate FISMA boundaries and systems

Qualifications

• Bachelor's with 12+ years of cybersecurity experience (or commensurate experience)
• Clearance Required: Ability to maintain an active Secret clearance
• 10+ years of experience supporting cybersecurity engineering, RMF, or information assurance functions.
• Demonstrated experience with one or more of the following technical areas:
  • Virtualized or cloud-based systems (AWS GovCloud, Azure Government, or similar)
  • Virtual desktop/workspace platforms (VDI, Citrix, VMware Horizon, Azure Virtual Desktop)
  • Software Factory / DevSecOps environments (GitLab, Jenkins, Nexus, SonarQube, etc.) including API management tools and data streaming
  • Identity, Credential, and Access Management (ICAM) solutions (PIV/CAC, IdM, MFA, SSO, RBAC)
  • WAN/LAN networks, SIPR and unclassified domains, firewalls and other boundary/perimeter security systems
  • Continuous monitoring and end point management systems (MECM, InTune, Trellix, ACAS, SolarWinds)
  • Data center and physical computer/storage systems
  • Physical end user systems such as laptops, workstations, printers and multi-functional devices, mobile devices
• Working knowledge of:
  • NIST SP 800-37, 800-53, 800-171, and FIPS 199/200
  • DoD RMF and cybersecurity directives
  • FISMA, FedRAMP, and Zero Trust principles
• Ability to collaborate effectively with engineers, administrators, and leadership to translate technical configurations into compliance documentation.
• Strong written communication and briefing skills.
• CCISO; CISM; CISSP (or Associate); GSLC