Information Systems Security Engineer (ISSE) – Journeyman

Please note that this position is contingent upon the successful award of a contract currently under bid.

Goldbelt Nighthawk offers sound solutions in software development and both defensive and proactive cybersecurity. Nighthawk offers an integrated, holistic cybersecurity workforce that is enthusiastic, continuously learning, and progressive. The team is fully committed to implementing dynamic cybersecurity solutions that effectively address the needs of customers. Nighthawk’s flexibility and expertise across the cybersecurity field provides customized solutions to our customer's unique needs. 

Summary:

The Information Systems Security Engineer (ISSE) – Journeyman supports the design, implementation, and maintenance of cybersecurity architecture for systems and enclaves. This role focuses on executing RMF activities, supporting security control implementation, and assisting with system authorization efforts.

Essential Job Functions:

• Support the development and maintenance of system cybersecurity architecture and solutions
• Assist in identifying Authorizing Official (AO) and Security Control Assessor (SCA) cognizance and applicable authorization requirements (e.g., reciprocity, cross domain, overlays)
• Help identify and tailor security control baselines in accordance with system categorization
• Support development, maintenance, and tracking of the System Security Plan (SSP)
• Assist in implementing and testing security controls
• Perform vulnerability-level risk assessments and support POA&M/CAP tracking
• Support execution of required security testing for Authorization & Accreditation (A&A) and annual reviews
• Assist in preparing Security Assessment Plans (SAPs) with program support
• Support mitigation and closure of vulnerabilities through change control processes
• Execute cybersecurity testing to assess security controls and document compliance status
• Ensure accurate data entry into eMASS and alignment with implementation results
• Maintain traceability of vulnerabilities from assessment results to POA&M entries
• Support development of the Security Assessment Report (SAR) and associated documentation
• Utilize the eMASS Collaboration Board for RMF coordination and document findings in the Artifacts repository
• Participate in system engineering activities to ensure cybersecurity requirements are integrated throughout the lifecycle

Necessary Skills and Knowledge:

• Familiarity with RMF, NIST 800-53 controls, and DoD cybersecurity policies

Minimum Qualifications:

• Minimum 2 years of experience of the following:
  • Experience in documenting RMF Assessment and Authorization requirements.
  • Experience in RMF testing of all CS requirements and analysis required to complete an RMF package document for submittal and approval.
  • Experience performing vulnerability risk analysis on the deficiencies found during RMF testing.
  • Must be able to supply total number of RMF authorizations performed.
  • Experience with IA tools and scanners used to evaluate the security posture of the system/enclave.
  • Experience with DoD-specific, DoN-specific, and NAVSUP-specific RMF services (including RMF package services) and using and complying with the Navy RMF Process Guide version 4.1 (or 4.0 or the latest version) and the NAVSUP FAO RMF Business Rules version 1.0 (or latest version).
  • Experience with concurrently supporting over 10 RMF packages.
• Must have a Tier III Level Clearance

Preferred Qualifications:

• Bachelor’s degree in Cybersecurity, Information Technology, Engineering, or related field

Pay and Benefits
At Goldbelt, we value and reward our team's dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. As an employee, you'll enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan with company matching, tax-deferred savings options, supplementary benefits, paid time off, and professional development opportunities.