Information System Security Engineer (ISSE)

Requirements

• Determine and document system security control requirements
• Implement and maintain security controls within compliance and authorization tools
• Conduct annual security control reviews through testing, examination, and interviews
• Assess the effectiveness of cybersecurity measures across systems
• Analyze threats and vulnerabilities to develop system security risk profiles
• Identify and guide remediation of technical security issues during system testing and deployment
• Evaluate and recommend cybersecurity products that meet organizational validation requirements
• Collaborate with stakeholders to define functional needs, develop secure architectures, and communicate security best practices
• Document network and system security configurations for existing and emerging systems
• Develop and document best practices for securing networks, applications, servers, databases, and system components
• Perform cybersecurity hardening and continuous monitoring, including STIGs, patching, and vulnerability scanning
• Manage security-related configurations based on operational requirements
• Integrate cybersecurity vulnerability mitigations into system designs
• Provide implementation guidance to customers for secure system deployment
• Support Risk Management Framework (RMF) activities and associated documentation
• Assist with security certification, test, and evaluation activities
• Ensure all security design and development activities are thoroughly documented