Information System Security Engineer (ISSE) 

Employee Type: Full-Time
Job Type: Information Systems Security Engineer
Experience: 3+ Years
Clearance Type: Secret

​AERMOR is seeking an Information System Security Engineer (ISSE) to provide full life cycle support for the development, delivery, and sustainment of the Risk Management Framework (RMF) life cycle, ensuring systems are properly assessed and receive/maintain authorization. The ISSE will provide independent assessments, conduct reviews, and implement guidance for Department of Defense (DoD) and Department of the Navy (DON) acquisition, financial and Information Technology (IT) policies, laws and regulations. The successful candidate will work under minimal direction applying Information Assurance (IA) standards and regulations to the development and enhancement of IT capabilities in support of the command mission.

Responsibilities Include: 

  • Lead Risk Management Framework (RMF) efforts Steps 1 through 5
  • Support Step 6 Continuous Monitoring
  • Implement security control requirements in accordance with DoD/DON policy
  • Conduct annual internal RMF assessments
  • Maintain required information in eMASS
  • Access and work in Vulnerability Remediation Asset Manager (VRAM)
  • Recommend Information Assurance (IA) protection capabilities, and, in collaboration with system owners, develop implementation and management plans to include updates as guidance and threats change
  • Create and maintain multiple process documents, Standard Operating Procedures and RMF required artifacts
  • Manage Risk Assessment Report (RAR) and Plan of Action & Milestones (POA&M)
  • Ensure applications are compliant with annual DON CIO IA guidance
  • Other similar or related tasks as may be required to support management reporting requirements as they arise
  • Perform security control implementation, testing and reporting
  • Conduct system security reviews
  • Coordinate corrective actions to remediate system vulnerabilities
  • Develop security artifacts and Risk Management Framework (RMF) packages

Required Skills and Experience: 

  • B.S. in Engineering, Computer Science, Information Management Systems OR one of the following certifications:
    • CompTIA Security+CE
    • Certified Information Systems Security Professional (CISSP)
    • CompTIA Advanced Security Practitioner (CASP)CE
    • GIAC Security Essentials Certification (GSEC)
    • Systems Security Certified Practitioner (SSCP) 
  • Three (3+) years of experience with the development, review, and approval of Navy RMF assessment and authorization (A&A) 
  • Ability to effectively prioritize and execute tasks in a high-pressure environment
  • Ability to work both independently and on a team
  • Excellent written and oral communication skills
  • Good understanding of network, systems and application technologies
  • Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS) and Vulnerability Remediation Asset Manager (VRAM), Enterprise Mission Assurance Support Service (eMASS)

Apply Now

For more information contact: