Level 2 Information Systems Security Engineer (ISSE)

The Information Systems Security Engineer (ISSE) shall perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies. The ISSE validates and verifies system security requirements definitions and analysis and establishes system security designs.

Responsibilities include designing, developing, implementing, and/or integrating IA and security systems and componentsspanning networks, computing systems, and enclave environments, including those with multiple enclaves and varied data protection/classification requirements. The ISSE builds IA into systems deployed to operational environments and assists architects and developers in implementing appropriate security functionality to ensure compliance with enterprise solutions and Agency policy.

Key tasks also include:

• Supporting the development of security architectures
• Enforcing trusted relationships among external systems and architectures
• Assessing and mitigating system security risks throughout the program lifecycle
• Participating in security planning, assessments, risk analyses, and awareness activities for systems and networks
• Reviewing certification and accreditation (C&A) documentation for completeness and compliance
• Applying expertise across areas including: system design, security engineering lifecycle, risk management, COTS/GOTS cryptography, identification, authentication, system integration, contingency planning, auditing, and more

The ISSE supports authorization efforts aligned with NSA/CSS Information System Certification and Accreditation Process (NISCAP), DoD Risk Management Framework (RMF), NIST RMF, and other NSA/CSS security engineering business processes.

Core Capabilities Expected:

• Participate as a security engineering representative on engineering teams for secure design, development, and integration of systems and enclaves
• Serve as the primary security engineering representative on teams for IA architecture and system integration
• Apply knowledge of IA policy, procedures, and workforce structures to implement secure environments
• Interact directly with customers and cross-functional project teams
• Support Government enforcement of trusted external system relationships
• Identify and define overall security requirements for Government data handling
• Conduct security planning, risk analysis, and risk management
• Recommend system-level security solutions
• Perform system or network designs across multiple enclaves and classification boundaries

Required:

• Bachelors degree in Computer Science, Information Assurance, Information Security System Engineering, or related field (or 4 years of equivalent ISSE experience)
• 14+ years of experience as an ISSE on similar programs and contracts
• DoD 8570.01-M compliance with IASAE Level 2
• CISSP Certification
• Experience with AI/ML RMF SSP authorization
• Expertise in AI/ML services contracts and configurations
• Proficiency in conducting AI/ML request security reviews
• Current TSSCI and Full Scope Polygraph

Desired:

• Advanced degree in a relevant field
• Additional certifications in cybersecurity or AI/ML
• Experience leading teams or mentoring junior security professionals
• Strong communication skills and ability to explain complex security concepts to diverse audiences
• Familiarity with emerging AI/ML security trends and best practices