Sr. ISSE SME

Zachary Piper Solutions is currently seeking a Sr. Information Systems Security Engineer (ISSE) / RMF Subject Matter Expert to support mission-critical Office of the Undersecretary of Defense for Acquisition and Sustainment (OUSD(A&S)) capabilities. This position is a full-time, onsite role supporting high-visibility DoD programs in a HYBRID format based out of Arlington, VA . This role is critical to ensuring systems are secure by design, resilient, and defensible to the Authorizing Official (AO). As a Senior ISSE, you will serve as a technical cybersecurity engineering authority, embedding security throughout the system lifecycle using System Security Engineering (SSE) principles and the DoD Risk Management Framework (RMF).

Key Responsibilities

• Engineer, integrate, and validate cybersecurity controls across all phases of the RMF lifecycle in alignment with DoDI 8500.01 and NIST SP 800-53.
• Apply System Security Engineering (SSE) principles in accordance with NIST SP 800-160, ensuring cybersecurity is embedded into system architectures-not applied post-development.
• Design and analyze secure system architectures, including:
  • Authorization boundaries
  • Data flows
  • Trust zones
  • External interfaces and ISAs
• Perform threat modeling, attack surface analysis, and vulnerability assessments to inform engineering decisions and risk mitigation strategies.
• Translate technical risk into engineering-driven solutions and implement mitigations within system designs.
• Collaborate closely with system engineers, developers, architects, ISSMs, ISSOs, and SCAs to ensure proper control implementation.
• Support DevSecOps integration, including automation of:
  • SAST / DAST
  • Infrastructure-as-Code (IaC) scanning
  • Container and pipeline security
• Validate and support implementation of:
  • ACAS / SCAP / STIG compliance
  • Secure configuration baselines
  • Encryption and key management (FIPS 140-3)
• Analyze SARs, vulnerability scans, and assessment outputs, translating findings into actionable engineering remediation.
• Support Security Impact Analyses (SIAs) for system changes and new capability integration.
• Design and implement Continuous Monitoring (ConMon) strategies, including:
  • Telemetry integration
  • Automated data collection
  • Security dashboards
• Develop and maintain engineering-focused RMF artifacts, including:
  • SSP technical inputs
  • Architecture and data flow diagrams
  • Interface definitions
  • Control implementation evidence
• Provide technical input to AO briefings and authorization decisions, including AODB packages.
• Support agile authorization approaches, including OVL (Operation Vulcan Logic) and cATO objectives.

Enhanced ISSE Capabilities (Preferred)

• Apply Zero Trust Architecture (ZTA) principles across system design.
• Engineer ICAM solutions aligned to DoD guidance.
• Design secure data architectures, including encryption and data protection strategies.
• Support cloud security engineering aligned to FedRAMP High and DoD Cloud SRG (IL5).
• Integrate SBOM / AIBOM and supply chain risk management into system engineering processes.
• Develop automated security validation pipelines to support continuous authorization.
• Support AI/ML system security engineering, including data pipeline and model integrity protection (as applicable).

Requirements

• Active Top Secret clearance with SCI eligibility
• Bachelor's degree in Computer Science, Engineering, Cybersecurity, or related field
  • Master's degree preferred or 10+ years equivalent experience
• 10+ years of cybersecurity experience with a strong technical engineering focus
• Demonstrated experience with:
  • DoD RMF and A&A processes
  • eMASS, Xacta, or similar GRC tools
  • Cloud environments (AWS, Azure, GCP) within FedRAMP / DoD SRG
• Strong understanding of:
  • System architecture and design
  • Networking and infrastructure
  • DevSecOps pipelines
• Excellent written and verbal communication skills, with the ability to brief senior leadership and AOs
• Experience supporting OSD, DoD, or Military components strongly preferred

Preferred Certifications

• CISSP
• CASP+
• CCSP
• CISM

Compensation Includes:

• Salary Range: $180,000 - $220,000 **depending on experience**

• Full Benefits: Cigna Medical, Dental, Vision, 401K, PTO, Sick Leave as required by Law

This job opens for applications on 4/20/26. Applications will be accepted for at least 30 days from the posting date.

#LI-CB1

#LI-HYBRID

Keywords: information security, cyber security, cyber, splunk, nessus, tenable, nessus tenable, defender, microsoft defender, incident response, risk, risk assessment, risk assessment reports, vulnerability, engineer, audits, security, nessus scanning, CASP+ CE, CCNP Security, CISA, CISSP, GCED, GCIH, CCSP, CCNA-Security, CySA+ **, GICSP, GSEC, CND, SSCP, A+ CE, CND, Network+ CE, CAP, CND, Cloud+, GSLC, Security+ CE, HCISPP, CISSP-ISSAP, CISSP-ISSEP, GCIH, GCIA, RMF, ISSE, System Security Engineering, NIST 800-53, NIST 800-160, NIST 800-37, DoDI 8500.01, DoDM 8140, DevSecOps, Zero Trust, ICAM, FedRAMP High, DoD Cloud SRG, IL5, eMASS, Xacta, ACAS, STIG, SCAP, Continuous Monitoring, cATO, OUSD A&S, Security Architecture, Authorization Boundaries, Threat Modeling, AO Support