NISSC 3 Information Systems Security Engineer II (ISSE)

AMERICAN SYSTEMS is seeking our next Information Systems Security Enigneer II (ISSE)

As an Information Systems Security Engineer II (ISSE) on the NISSC 3 program, you will analyze, design, and implement technical security controls to protect mission-critical information systems and ensure continuous compliance with RMF, NIST, and DoD cybersecurity requirements.
You will perform configuration, vulnerability, and risk assessments; deploy and validate security tools; support Assessment & Authorization (A&A) activities; and provide technical leadership for cybersecurity integration across complex systems. You will work closely with systems engineering, configuration management, and the EDLM/UDLM (Emergency/Urgent Depot Level Maintenance) Manager to maintain cyber readiness and support incident response.

Ensure automated information system (AIS) and network nodes are operated, maintained, and
• Analyze, design, and implement technical security controls for complex information systems in accordance with RMF, NIST, and DoD requirements.
• Perform configuration assessments, vulnerability assessments, and risk assessments for systems, applications, and supporting infrastructure.
• Configure, deploy, and validate security tools and technologies to monitor, detect, and protect against cyber threats.
• Support the development, documentation, and maintenance of assessment and authorization (A&A) packages, including system security plans (SSPs), plans of action and milestones (POA&Ms), and supporting artifacts.
• Conduct security impact analyses for system changes and recommend appropriate security engineering solutions.
• Participate in incident tracking and remediation activities; support root-cause analysis and corrective actions to prevent recurrence.
• Provide technical leadership and guidance on systems security engineering best practices to project teams and stakeholders.
• Oversee cybersecurity integration across systems, ensuring security controls are effectively implemented during design, development, test, deployment, and sustainment.
• Support vulnerability management activities, including scanning, analysis, remediation planning, and status reporting.
• Develop and submit security reports, threat analyses, and risk summaries to support program decision-making and senior leadership updates.
• Collaborate closely with the EDLM/UDLM Manager to ensure that emergency and urgent depot-level maintenance actions comply with cybersecurity requirements and do not introduce unacceptable risk.
• Contribute to continuous improvement of cybersecurity processes, procedures, and tooling in alignment with evolving DoD and NIST guidance.

• 4-6 years of relevant, hands-on experience in systems security engineering, cybersecurity engineering, information assurance, or related discipline, ideally within a DoD or similarly regulated environment.
• Advanced knowledge of systems security engineering principles and practices, with demonstrated experience designing and implementing technical security controls.
• Hands-on experience conducting configuration assessments, vulnerability assessments, and risk assessments for DoD or similar high-assurance systems.
• Proven ability to configure, manage, and validate security tools and technologies in support of RMF, NIST, and DoD compliance.
• Experience supporting the development and maintenance of RMF A&A packages, including security documentation, control implementation statements, and evidence collection.
• Demonstrated capabilities in incident tracking, triage, remediation support, and collaboration with incident response teams.
• Proficiency in developing advanced security solutions and overseeing cybersecurity integration across complex systems and environments.
• Experience with one or more of the following tools (or similar):
  • eMASS, XACTA, CORE
  • ACAS
  • SCAP tools
  • Nessus
  • Checkmarx
  • ZAP DAST
• Ability to interpret and apply DoD, NIST, and RMF policy, standards, and guidance in an operational environment.
• Strong written and verbal communication skills, including experience producing technical documentation, security reports, and risk/threat analyses.
• Must hold at least one qualifying DoD 8140 certification (e.g., CCSP, Cloud+, CSC, GCLD, GSEC, SecurityX/CASP+).
• Active DoD Secret clearance with eligibility to obtain TS/SCI.
• Bachelor's degree in one of the following (or closely related) fields:
  • Information Technology (IT)
  • Cybersecurity
  • Computer Science (CS)
  • Information Systems (IS)
  • Data Science
  • Software Engineering
    OR Equivalent DoD/Military training in cybersecurity, information assurance, or systems security engineering.