Job Specifications
Description
Information Systems Solutions (ISS) is seeking a Cybersecurity Engineer with strong experience in Risk Management Framework (RMF) and Assessment & Authorization (A&A) processes to serve as the primary cybersecurity resource supporting a system Authority to Operate (ATO). This role operates independently with minimal direct supervision and is responsible for managing day-to-day RMF execution activities. The engineer will have local reach back support to a broader cybersecurity team but will function as the primary practitioner for ATO lifecycle activities.
100% onsite.
Specific duties include, but are not limited to the following:
Primary RMF / A&A Execution
Execute RMF activities in accordance with NIST SP 800-37, DoDI 8510.01, and Navy RMF guidance.
Develop, update, and maintain A&A documentation including System Security Plans (SSP), Security Control Traceability Matrices (SCTM), POA&Ms, and supporting artifacts.
Manage and maintain eMASS packages through authorization and continuous monitoring phases.
Coordinate directly with Authorizing Officials (AOs), Security Control Assessors (SCAs), ISSMs, ISSOs, and system engineers.
Prepare systems for ATO, ATO renewal, and interim authorization milestones.
Independently track package status, milestones, and required artifacts to ensure timely authorization.
Security Control Implementation & Validation
Validate implementation of NIST SP 800-53 security controls.
Support DISA STIG implementation and remediation tracking.
Review system configurations, architecture diagrams, and data flows for security compliance.
Analyze ACAS, SCAP, or equivalent vulnerability scan results and document corrective actions.
Maintain accurate and actionable POA&Ms.
Continuous Monitoring & Risk Management
Develop and maintain continuous monitoring strategies and documentation.
Track cybersecurity posture and risk metrics for reporting to government stakeholders.
Support impact analysis for system changes and configuration updates.
Ensure alignment with enclave-specific requirements.
Collaboration & Advisory Support
Provide cybersecurity guidance to system, network, and cloud engineers.
Identify security gaps and recommend risk mitigation strategies.
Coordinate with enterprise cybersecurity teams for policy alignment and reachback support.
Support audit readiness and inspection activities.
Why Work For ISS?
At ISS we pride ourselves on providing an employee-focused and family first environment. Being a small business, we take the time to get to know our employees and have a vested interest in helping them achieve their career goals. We work to schedule regular social gatherings within the company to foster camaraderie. ISS values their employees by providing a comprehensive benefits package that includes a fully vested 401(k) matching program, coverage of family medical deductibles, spot bonuses, and educational assistance to further your career.
Requirements
Clearance Level:
Secret
Certification (IAM Level II)
One Of The Following
CASP+
CAP
CISM
CISSP (or Associate)
GSLC
Required Skills
5+ years of experience supporting RMF and A&A processes in DoD environments.
Demonstrated experience independently managing eMASS packages.
Strong working knowledge of NIST SP 800-53 security controls.
Experience supporting systems through ATO authorization and renewal cycles.
Ability to operate independently with minimal supervision while coordinating with distributed teams.
Preferred Qualifications
Experience supporting classified environments (e.g., SWAN, RDT&E, SDREN, IL5/IL6 Cloud).
Familiarity with ACAS, SCAP, or other vulnerability management tools.
Experience integrating RMF activities into DevSecOps or cloud environments.
Strong written documentation and briefing skills.
About the Company
ISS is an innovative information technology (IT) services and solutions provider to the Department of Defense (DoD) and other federal government agencies. We provide expert systems integration and administration, network engineering, software development, information assurance, and project management support. ISS employees are skilled professionals dedicated to providing the highest quality support and services. We are committed to the success of our customer’s mission and experienced in "Meeting Critical Goals on Time Thro...
Know more