- Company Name
- Information Systems Solutions, Inc.
- Job Title
- Cybersecurity Engineer – RMF / A&A
- Job Description
Job Title: Cybersecurity Engineer – RMF / A&A
Role Summary:
Lead the Risk Management Framework (RMF) and Assessment & Authorization (A&A) lifecycle for an authorized system. Independently execute daily RMF tasks, maintain eMASS packages, develop SSP, SCTM, POA&Ms, and ensure compliance with NIST, DoD, and Navy RMF guidelines. Coordinate with authorizing officials, assessors, system engineers, and enterprise cybersecurity teams.
Experience Expectations:
- Minimum 5 years of DoD RMF/A&A experience.
- Secret clearance required.
- IAM Level II certification: CASP+, CAP, CISM, CISSP (or Associate), or GSLC.
- Ability to work independently with minimal supervision; strong self‑management.
- Strong communication for documentation and briefing.
Key Responsibilities:
1. Execute RMF processes per NIST SP 800‑37, DoDI 8510.01, and Navy RMF.
2. Draft, update, and preserve SSPs, SCTMs, POA&Ms, and related artifacts.
3. Manage eMASS authorization and continuous monitoring packages; track milestones.
4. Validate implementation of NIST SP 800‑53 controls and DISA STIG compliance.
5. Analyze vulnerability scans (ACAS, SCAP, etc.) and document corrective actions.
6. Develop continuous monitoring strategies; report cyber risk metrics to stakeholders.
7. Conduct impact analysis for system changes; align with enclave‑specific requirements.
8. Provide security guidance to system, network, and cloud teams; recommend mitigation.
9. Coordinate with enterprise cybersecurity teams for policy alignment and audit support.
10. Facilitate ATO preparation, renewal, and interim authorization milestones.
Required Skills:
- In‑depth knowledge of RMF, A&A, eMASS, SSP, SCTM, POA&Ms.
- Proficiency with NIST SP 800‑53 controls and DISA STIG.
- Experience with vulnerability tools (ACAS, SCAP) and remediation tracking.
- Ability to interpret system configurations, architecture diagrams, and data flows for security.
- Strong written and verbal communication; documentation and briefing.
- Capacity for independent work and coordination across distributed teams.
Required Education & Certifications:
- Security-related bachelor’s degree (or equivalent experience).
- Secret clearance.
- IAM Level II certification: CASP+, CAP, CISM, CISSP (or Associate), or GSLC.
- Preferred: Experience in classified environments (SWAN, RDT&E, SDREN, IL5/IL6 Cloud) and integration of RMF into DevSecOps/cloud environments.