Information System Security Engineer (ISSE) – TS/SCI Full Scope Poly
📍 Location: Annapolis Junction, MD
🏢 Work Arrangement: 100% Onsite
💼 Employment Type: Full-Time
🔒 Security Clearance Required: Active TS/SCI with Full Scope Polygraph (NSA Preferred)
🇺🇸 Citizenship: U.S. Citizen Required
🎓 Certification Required: DoD 8570/8140 IASAE Level II Compliant Certification
🚫 Visa Sponsorship: Not Available
🚚 Relocation Assistance: Available
💰 Compensation: $100,000 – $200,000 Base Salary
Overview
A leading government technology contractor is seeking Information System Security Engineers (ISSEs) to support mission-critical classified government programs.
This role focuses on integrating cybersecurity engineering principles throughout the entire system lifecycle, including system design, implementation, accreditation, continuous monitoring, and sustainment. The ISSE will play a critical role in Risk Management Framework (RMF) execution, Assessment & Authorization (A&A) activities, security control validation, and ongoing cybersecurity compliance.
The ideal candidate will possess a strong blend of cybersecurity engineering, RMF expertise, technical security assessment experience, and security architecture knowledge within highly secure classified environments.
Key Responsibilities
Risk Management Framework (RMF)
Support the full RMF lifecycle for classified information systems.
Develop and maintain RMF documentation and security artifacts.
Assist with Authority to Operate (ATO) activities and sustainment.
Support Assessment & Authorization (A&A) efforts.
Maintain body-of-evidence packages for accreditation activities.
Security Engineering
Implement and validate security controls.
Perform Security Control Traceability and technical validation.
Support system boundary definition and security architecture development.
Conduct technical security assessments and risk analysis.
Recommend security improvements and mitigation strategies.
Compliance & Continuous Monitoring
Participate in Continuous Monitoring (ConMon) activities.
Conduct compliance assessments and security reviews.
Analyze vulnerability scan results and remediation efforts.
Verify remediation effectiveness and identify false positives.
Ensure ongoing compliance with cybersecurity requirements.
Vulnerability Management & Hardening
Support vulnerability management programs.
Implement and validate STIG compliance.
Support patch validation and security compliance efforts.
Assist with system hardening initiatives.
Coordinate remediation activities with technical teams.
Stakeholder Collaboration
Work closely with:
ISSOs
ISSMs
Security Control Assessors (SCAs)
System Owners
System Administrators
Support accreditation, compliance, and cybersecurity engineering efforts across mission systems.
Required Qualifications
Security Requirements
✔ Active TS/SCI Clearance
✔ Active Full Scope Polygraph (NSA Preferred)
✔ U.S. Citizenship Required
Certification Requirement
✔ DoD 8570/8140 IASAE Level II Compliant Certification
Examples include:
CISSP
CASP+
CCSP
CSSLP
Cybersecurity & RMF Experience
Strong experience with:
Risk Management Framework (RMF)
Assessment & Authorization (A&A)
Authority to Operate (ATO)
Security Control Implementation
Security Control Validation
Continuous Monitoring (ConMon)
NIST Knowledge
Strong familiarity with:
NIST SP 800-37
NIST SP 800-53 Rev. 3 and/or Rev. 5
Security Control Frameworks
RMF Compliance Processes
RMF & Compliance Tools
Experience with one or more of:
LATTEART
XACTA
BISCOTTI
WATCHCAT
STE
Additional experience with:
Compliance scanning tools
Configuration assessment tools
Vulnerability management platforms
Core ISSE Skill Areas
Security Engineering
Security Control Implementation
Security Control Validation
Security Architecture Support
System Boundary Definition
Compliance & Accreditation
Assessment & Authorization (A&A)
RMF Artifact Development
Accreditation Package Support
Body of Evidence Management
Vulnerability Management
Vulnerability Analysis
Remediation Tracking
Patch Validation
STIG Compliance
Security Hardening
Risk Management
Technical Risk Analysis
Compliance Validation
Continuous Monitoring (ConMon)
Security Assessment Support
Preferred Qualifications
Government & Classified Environment Experience
Classified Government cybersecurity programs.
Large-scale enterprise systems.
Mission-critical environments.
Technical Infrastructure Exposure
Experience supporting:
Enterprise Linux environments
Network infrastructure
Cloud environments
Stakeholder Coordination
Experience collaborating with:
ISSOs
ISSMs
Security Control Assessors
System Owners
Engineering Teams
Must-Have Requirements
Clearance
✅ Active TS/SCI Clearance
✅ Active Full Scope Polygraph
Certification
✅ IASAE Level II Certification
Cybersecurity
✅ RMF Experience
✅ A&A Experience
✅ ATO Experience
✅ Security Control Validation
Compliance
✅ Continuous Monitoring
✅ Vulnerability Management
✅ STIG Implementation
Documentation
✅ RMF Artifacts
✅ Accreditation Packages
✅ Security Documentation
Screening Questions
Do you currently hold an active TS/SCI clearance with a Full Scope Polygraph?
Was your Full Scope Polygraph issued by NSA?
When was your most recent Full Scope Polygraph completed?
Which IASAE Level II certification do you currently hold (CISSP, CASP+, CCSP, CSSLP, etc.)?
How many years of ISSE or cybersecurity engineering experience do you have?
Have you supported the full RMF lifecycle, including A&A and ATO activities?
Which RMF tools have you used (XACTA, LATTEART, BISCOTTI, WATCHCAT, STE)?
Do you have experience implementing and validating security controls?
Have you supported STIG implementation, vulnerability remediation, and compliance validation?
Do you have experience supporting classified government systems?
Ideal Candidate Profile
The ideal candidate will:
Hold an active TS/SCI Full Scope Polygraph.
Possess an active IASAE Level II certification.
Have strong cybersecurity engineering experience within classified environments.
Be highly knowledgeable in RMF, A&A, and ATO processes.
Understand security architecture, control implementation, and compliance validation.
Have experience supporting vulnerability management and STIG compliance.
Demonstrate excellent analytical, troubleshooting, and documentation skills.
Balance mission objectives with cybersecurity requirements and risk management practices.
Candidate Snapshot
Requirement
Details
Clearance
Active TS/SCI + Full Scope Poly
Citizenship
U.S. Citizen
Experience Level
Mid-Level to Senior
Certification
IASAE Level II Required
Frameworks
RMF, NIST 800-37, NIST 800-53
Compliance
A&A, ATO, ConMon
Security
Control Implementation & Validation
Documentation
RMF Artifacts & Accreditation Packages
Tools
XACTA, LATTEART, BISCOTTI, WATCHCAT, STE
Location
Annapolis Junction, MD
Work Arrangement
100% Onsite
Travel
None
Compensation
$100K – $200K
Relocation
Available
Why This Opportunity?
Mission Impact
Support highly classified systems that directly contribute to critical national security missions.
Cybersecurity Engineering Focus
Move beyond compliance into hands-on security engineering, architecture support, security control validation, and accreditation activities.
Technical Growth
Gain exposure to advanced RMF processes, security engineering practices, vulnerability management, and enterprise cybersecurity operations.
Strong Benefits Package
3 Weeks PTO
11 Federal Holidays
Medical & Dental Coverage
Life Insurance
STD & LTD Coverage
401(k) with Company Match
Long-Term Career Development
This opportunity is ideal for an Information System Security Engineer (ISSE), Cybersecurity Engineer, RMF Engineer, Security Compliance Engineer, Cybersecurity Architect, A&A Specialist, or Security Controls Engineer with an active TS/SCI Full Scope Polygraph and IASAE Level II certification seeking to support highly sensitive government programs.
