Cybersecurity Engineer III at INFORMATION SYSTEMS SOLUTIONS, INC
San Diego, California, United States -
Full Time


Start Date

Immediate

Expiry Date

20 May, 26

Salary

150000.0

Posted On

19 Feb, 26

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Assessment And Authorization, Cybersecurity Monitoring, Incident Triage, Vulnerability Identification, Remediation Strategies, Risk Management Framework, Security Control Testing, Security Control Tailoring, Plan Of Milestones And Actions, System Security Plan, Security Assessment Plan, Security Assessment Reports, eMASS Tasking, Independent Verification And Validation, STIG Checks, POA&M Updates

Industry

IT Services and IT Consulting

Description
Description Information Systems Solutions (ISS) is seeking a Cybersecurity Engineer III to support the NIWC PAC Information Technology Management Support Services contract. The Cybersecurity Engineer III will be responsible for supporting Assessment and Authorization (A&A) accreditation efforts. This role maintains cybersecurity monitoring operations, performs triage to assess the scope and impact of incidents, identifies vulnerabilities, and recommends remediation strategies. The role requires in-depth knowledge of the Risk Management Framework. 100% onsite Key Responsibilities: · Test and apply security controls based on security categorization, the application of overlays (privacy, classified, intel, etc.) and security control tailoring (AI, NOFORN, etc.). · Conduct active and passive reconnaissance of data, with the ability to assess and author Plans of Milestones and Actions (POA&Ms) containing accurate and verifiable mitigation statements, milestone tracking, and applying to the most relevant security control. · Development of comprehensive required A&A documentation, including System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Reports (SARs), etc. · Adherence to the eMASS scheduled tasking within the accreditation cycle, including Quarterly Independent Verification and Validation (IV&V), quarterly STIG checks, Annual Security Review (ASR), monthly POA&M updates, and resubmission for ATO, ATC, IATC and IATT as applicable. · Maintenance of DISA circuit connections (CCSDs), inheritance from accredited systems and cloud service providers, and the workflow schedule on accreditations. Why Work For ISS? At ISS we pride ourselves on providing an employee-focused and family first environment. Being a small business, we take the time to get to know our employees and have a vested interest in helping them achieve their career goals. We work to schedule regular social gatherings within the company to foster camaraderie. ISS values their employees by providing a comprehensive benefits package that includes a fully vested 401(k) matching program, coverage of family medical deductibles, spot bonuses, and educational assistance to further your career. Requirements Clearance Level Secret Certifications IAT III (one of the following) CASP+ CCNP Security CISA CISSP (or Associate) GCED GCIH Required Qualifications: · 10+ years of experience in cybersecurity or incident response. · Certifications preferred: Certified Information Systems Security Professional (CISSP). Skills & Competencies: · Cybersecurity Monitoring and Incident Response · Security Testing, Auditing, and Remediation · Data Analytics and Risk Assessment · Proficiency with IT Security Software and Web Security Tools
Responsibilities
The Cybersecurity Engineer III will support Assessment and Authorization (A&A) accreditation efforts, maintaining cybersecurity monitoring operations, assessing incidents, identifying vulnerabilities, and recommending remediation strategies based on in-depth knowledge of the Risk Management Framework. Key duties include testing security controls, conducting reconnaissance, authoring Plans of Milestones and Actions (POA&Ms), developing comprehensive A&A documentation, and adhering to eMASS scheduled tasking.
Loading...