Junior Information System Security Engineer (ISSE)

Position Overview:

We are seeking a highly motivated Junior Information Systems Security Engineer (ISSE) to join our team. This is a contingent position pending modification to the contract. You will be responsible for assessing the severity of weaknesses or deficiencies in information systems and their environments. You will recommend corrective actions to address identified vulnerabilities and prepare security assessment reports detailing your findings. As part of our Risk Management Framework (RMF) team, the ISSE will serve as a trusted agent to assess and validate that the system has implemented the approved security controls.

Supervisory Responsibilities:

• N/A for this position

Responsibilities:

• Review, analyze, and evaluate business systems and user needs, focusing on Authorization and Accreditation (A&A), security requirements, and Plans of Action and Milestones (POA&Ms) for the Navy.
• Collaborate daily with the PMO, Operations, and IT Security teams to address A&A needs and POA&M remediation efforts.
• Write, edit, and manage a wide range of IT security documentation, ensuring compliance with federal IT standards such as FISMA, FIPS, NIST SPs, and NIST SP 800-37 Rev 1.
• Perform internal audits of systems prior to third-party audits.
• Participate in security control implementation, testing efforts, and vulnerability-level risk assessments.
• Assist in mitigating and closing open vulnerabilities under the system’s change control process.
• Contribute to reviewing and updating RMF Cyber Security documentation.
• Ensure plans and channels are in place for incident response, business continuity, disaster recovery, and vulnerability and threat reporting.
• Perform other related duties as assigned, ensuring flexibility to meet the evolving needs of the company.

Clearance Level:

• Current or ability to obtain a DoD Secret Clearance is required. Note: To obtain a security clearance, you must be a US citizen and meet the 13 adjudicative guidelines.

Required Experience:

• 0 to 3 years of experience in Information Systems Security Engineering, with DoD RMF experience.
• Some experience following the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) and/or RMF (RMF preferred).
  • Familiarity in RMF testing for all CS requirements, including analysis required to complete an RMF package document for submission and approval.
  • Experience performing vulnerability risk analysis on deficiencies found during RMF testing.
• Familiar with IA tools and scanners used to evaluate system/enclave security posture.
• Familiar with Enterprise Mission Assurance Support Service (eMass).
• Familiar with security technologies such as firewalls, intrusion detection/prevention systems, and vulnerability assessment tools.

Qualifications:

• A bachelor’s degree in computer science or a related field is preferred, but we value equivalent experience and skills from a variety of backgrounds just as much.
• Strong verbal and written communication skills.
• Strong problem-solving abilities and attention to detail.
• Ability to work independently and collaboratively in a team environment.
• Familiar with the RMF process in accordance with the Navy RMF Process Guide.

Required Certifications:

• Current CGRC, CASP CE, CISM, CISSP, GSLC, or CCISO or willingness to obtain it within two weeks of start.

Location & Commitments:

• Position: Full Time
• Work Arrangement: This is a remote position, but we prefer candidates located within a six-hour driving radius of Mechanicsburg, Pennsylvania, to facilitate periodic meetings
• Travel Requirements: Travel to the client site is required for approximately two to five days every two to three months.
• Work Hours: A typical workday consists of eight hours, totaling a forty-hour work week. We understand that there may be times when employees will need to adjust their work hours due to client needs or personal reasons. To help balance these demands, we offer some flexibility in work schedules.

What We Offer:

• Competitive salary and discretionary performance-based bonuses.
• Comprehensive health benefits, including medical, dental, and vision insurance.
• Flexible Paid Time Off (PTO) and holidays to help you maintain a healthy work-life balance.
• Opportunities for professional development and continued learning.
• Hybrid/remote work arrangement with flexible hours.
• 401(k) retirement plan with company match.
• Employee recognition programs and company events.

Creating an Environment of Respect and Opportunity: 

At JMA Resources, we value diverse paths to expertise and welcome candidates from all backgrounds. Your qualifications may come from a variety of experiences, including formal education, certifications, professional development, mentorship, hands-on work, or a unique combination of these. We encourage you to share the distinctive journey that has prepared you for this role during your interviews.

JMA Resources is an equal opportunity employer committed to achieving a diverse workforce with an environment free of discrimination and harassment. All aspects of employment, including recruitment, hiring, promotions, transfers, discipline, terminations, wage and salary administration, benefits, and training, are based on business needs, job requirements, and individual qualifications, without regard to race, age, color, physical or mental disability, religion, gender, sexual orientation, gender identity/expression, marital status, national origin, political affiliation or protected veteran status. 

At JMA Resources, we are dedicated to fostering an inclusive environment for all qualified individuals. We provide reasonable accommodations to persons with disabilities to ensure equal access throughout the application and hiring process. If you need assistance or require an accommodation, please reach out to Amy Foy, VP of Employee Experience, at afoy@jmares.com.  

JMA Resources participates in E-Verify to confirm the identity and employment eligibility of all newly hired employees.