Talent.com
Information System Security Engineer ISSE II

Information System Security Engineer ISSE II

OneZero SolutionsPhiladelphia, PA, USA
8 hours ago
Job type
  • Full-time
  • Temporary
  • Quick Apply
Job description

We are an employee-centric company that truly appreciates our team members and their value to our customers and the missions they support. We pride ourselves on being forward-leaning thinkers and fostering teams that are and continue to be technically proficient and technically capable across a comprehensive range of cyber mission areas. OneZero full-time employees receive an extremely competitive benefits package that includes health / dental / vision / life insurance plans, 401K with company matching, PTO & paid holidays, employee referral program, and educational assistance. Additional details can be found on our website at : /

Position Title : ISSE II

Clearance : Secret

Location : Philadelphia, PA with Travel to Keyport Fl and San Diego

Job Summary :

This position will work with OneZero Solutions to support the Naval Surface Warfare Center Philadelphia Division (NSWCPD). The NSWCPD is a Department of Defense entity responsible for research and development, test and evaluation, engineering and fleet support organization for the Navy's ships, submarines, military watercraft and unmanned vehicles. This requirement is for NSWCPD Code 104, which is responsible for Information Technology Operations Division of NSWCPD's Research, Development, Test & Evaluation (RDT&E) and Business Systems cybersecurity and information assurance support.

The ISSE II will provide cybersecurity support to the NSWCPD Information Technology Operations Division (Code 104), focusing on the development, maintenance, and tracking of Risk Management Framework (RMF) system security plans and ensuring compliance with Department of Defense (DoD) and Navy cybersecurity requirements. The role supports a variety of Navy networks and systems, including RDT&E, NMCI, CTF, and closed enclave networks.

Education and Experience :

  • Bachelor's Degree in computer science, information technology, or an equivalent technical degree from an accredited college or university.
  • Three (3) years professional experience capturing and refining information security operational and security requirements, and ensuring those requirements are properly addressed through purposeful development, and configuration; and implementing security controls, configuration changes, software / hardware updates / patches, vulnerability scanning, and securing configurations.
  • Minimum certification requirement : CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP.

Essential Duties :

Assist in developing, maintaining, and tracking RMF system security plans, including :

  • System Categorization Forms
  • Platform Information Technology (PIT) Determination Checklists
  • Assess Only (AO) Determination Checklists
  • Implementation Plans
  • System Level Continuous Monitoring (SLCM) Strategies
  • System Level Policies, Hardware / Software Lists, System Diagrams, Privacy Impact Assessments (PIA), and Plans of Action and Milestones (POA&M)
  • Execute the RMF process to support Interim Authority to Test (IATT), Authorization to Operate (ATO), and Denial of Authorization to Operate (DATO)
  • Identify and tailor IT and Cybersecurity control baselines based on RMF guidelines
  • Perform Ports, Protocols, and Services Management (PPSM)
  • Conduct IT and Cybersecurity vulnerability-level risk assessments
  • Execute security control testing as required by risk assessments or annual security reviews
  • Mitigate and remediate system-level vulnerabilities per STIG requirements
  • Develop and maintain POA&Ms in Enterprise Mission Assurance Support Service (eMASS)
  • Develop and maintain system-level IT and Cybersecurity policies and procedures
  • Implement and assess STIGs and SRGs
  • Perform vulnerability assessments using automated tools (e.g., ACAS, SCAP, SCC)
  • Deploy security updates and patches to Information System components
  • Conduct routine audits and maintain inventory of IT system hardware and software
  • Participate in IT change control and configuration management processes
  • Upload vulnerability data in Vulnerability Remediation Asset Manager (VRAM)
  • Image / re-image assets and install / troubleshoot software to support compliance
  • Assist with removal of critical components (SSD / HDD) prior to asset destruction
  • Provide cybersecurity patching in response to DoD / DoN TASKORDs, FRAGORDs, or as required by management
  • Support configuration change documentation and maintain DoD STIG compliance
  • Support cyber compliance for enterprise IT network assets (Windows server, CISCO hardware)
  • Report compliance issues to management to avoid operational loss

    • Knowledge, Skill and Abilities :

  • Compliance with all NSWCPD, DoD, and Navy policies, procedures, and regulations
  • Ability to work independently and as part of a cross-functional team
  • Strong communication skills for reporting, documentation, and stakeholder engagement.

    • OneZero Solutions, LLC is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, pregnancy, genetic information, disability, status as a protected veteran, or any other protected category under applicable federal, state, and local laws.

    To request an accommodation, please contact us at or call (202) 987-2580.

    Job Posted by ApplicantPro

    Create a job alert for this search

    Information System Security Engineer Isse • Philadelphia, PA, USA