Information Assurance Engineer II

Seeking an Information Assurance Engineer II to support the full Risk Management Framework (RMF) lifecycle and contribute to achieving and sustaining Authority to Operate (ATO) for assigned systems. The position focuses on maintaining RMF documentation, validating implementation of DISA STIGs and SRGs, supporting vulnerability management activities, and assisting with continuous monitoring and security assessments for the U.S. Navy in San Diego, CA.

Responsibilities

• Support the full RMF lifecycle for assigned systems, including development, update, and maintenance of security documentation required to obtain and sustain ATO.

• Prepare and maintain RMF artifacts such as System Security Plans (SSPs), POA&Ms, security control documentation, and related evidence within repositories such as eMASS .

• Validate, document, and support implementation of DISA STIGs and Security Requirements Guides (SRGs) across operating systems, applications, databases, and network devices.

• Execute and support vulnerability management activities, including review of scan results from tools such as ACAS/Nessus, analysis of findings, and coordination of remediation efforts.

• Track identified security findings through POA&M management, ensuring issues are documented, prioritized, and resolved in a timely manner .

• Implement and support continuous monitoring strategies to verify that deployed systems remain compliant and that security controls continue to operate effectively.

• Review system audit logs, compliance reports, and security events to identify anomalies, potential risks, and areas requiring corrective action.

• Support security auditing and assessment activities by preparing artifacts and evidence for internal reviews, external inspections, and Security Control Assessor (SCA) evaluations.

• Coordinate with technical teams to resolve compliance discrepancies and strengthen system security posture.

• Establish and satisfy complex system-wide information security requirements based on analysis of user needs, policy requirements, regulatory mandates, and available resources.

• Support development and implementation of information assurance doctrine, policies, standards, and procedures for government and commercial common-user systems, as well as specialized purpose systems requiring enhanced security features.

• Provide guidance to stakeholders and team members on cybersecurity compliance requirements and best practices.

• May lead and direct the work of others and provide status updates to leadership, supervisors, or program managers.

Qualifications

• Bachelor's degree in Cybersecurity, Information Technology, Information Assurance, Computer Science, or a related field

• Active Secret Clearance Required

• 5+ years of relevant experience in information assurance, cybersecurity, RMF, compliance, or a related field.

• Demonstrated experience supporting the RMF process and preparing or maintaining ATO packages.

• Experience working with eMASS or similar compliance/documentation repositories.

• Knowledge of DISA STIGs, SRGs, and security compliance practices across infrastructure and application environments.

• Experience with vulnerability scanning and analysis tools such as ACAS/Nessus.

• Familiarity with POA&M management, remediation tracking, and continuous monitoring practices.

• Experience supporting security assessments, audit readiness, and control validation activities.

• Strong understanding of cybersecurity principles, risk management, and regulatory compliance requirements.

• Ability to analyze complex security requirements and apply them across enterprise and specialized systems.

Pay Transparency Statement

AMERICAN SYSTEMS is committed to pay transparency for our applicants and employee-owners. The salary range for this position is USD $90,000.00/Yr. - USD $110,000/Yr. Actual compensation will be determined based on several factors permitted by law. AMERICAN SYSTEMS provides for the welfare of its employees and their dependents through a comprehensive benefits program by offering healthcare benefits, paid leave, retirement plans, insurance programs, and education and training assistance.

EEO Statement

EEO Race/Sex/Disability Status/Veteran Status