Information Systems Security Engineer (ISSE)

AMERICAN SYSTEMS, a 100% employee-owned federal contractor, is seeking a highly experienced Information Systems Security Engineer (ISSE) to support a Special Access Program (SAP) in Arlington, VA.

 

This role is suited for an experienced security engineer who combines deep JSIG and RMF expertise with hands-on security assessment experience across both Linux and Windows systems in highly restricted environments. The ideal candidate understands security controls at an engineering level and can author, tailor, and defend documentation without reliance on automated RMF tools.

As an Information Systems Security Engineer (ISSE) at AMERICAN SYSTEMS, you will:

• →

  Design and implement enterprise-level security architectures for SAP systems

• →

  Apply JSIG requirements to system authorization, control implementation, and documentation

• →

  Manually develop RMF/JSIG authorization artifacts, including SSPs, control narratives, POA&Ms, and supporting evidence

• →

  Perform hands-on security assessments on Linux and Windows systems, including command-line audits, compliance scans, log review, and control validation

• →

  Analyze scan results, identify security gaps, and support remediation planning and execution

• →

  Validate and implement host-based firewall and security configurations in coordination with system administrators

• →

  Manage and track POA&Ms through mitigation, remediation, or risk acceptance

• →

  Ensure system compliance through continuous monitoring of controls, procedures, and documentation

• →

  Identify security deficiencies and provide actionable remediation recommendations

• →

  Support system recovery and security oversight following outages or incidents

• →

  Participate in change management activities, assessing security impacts to SAP systems

• →

  Support security investigations, incident response, and remediation activities

• →

  Collaborate with engineering teams to integrate security requirements into system design and production releases

• Active Top Secret/SCI with SAP eligibility

• Bachelor’s degree in a STEM discipline with 10–11 years of relevant experience, or

  • Master’s degree with 8–10 years of relevant experience

• Minimum 5 years of experience designing and implementing enterprise-scale security solutions with hands-on security assessment experience across Linux systems, including command-line validation

Working knowledge of JSIG and its application to RMF authorization

Proven experience authoring RMF/JSIG artifacts by hand, without reliance on automated RMF tools (eMASS, Xacta, etc.)

Strong background in RMF, ICD 503, NIST SP 800-53, DCID 6/3, or current DoD authorization practices

Experience supporting security tools such as Splunk Enterprise, HBSS, McAfee ePO, ENS, and DLP

Demonstrated security engineering experience across Linux, Windows, Cisco platforms, databases (SQL or Oracle), and virtualized environments

Willingness to submit for a CI Polygraph

AMERICAN SYSTEMS is committed to pay transparency for our applicants and employee-owners. The salary range for this position is USD $159,600.00/Yr. - USD $266,500.00/Yr. Actual compensation will be determined based on several factors permitted by law. AMERICAN SYSTEMS provides for the welfare of its employees and their dependents through a comprehensive benefits program by offering healthcare benefits, paid leave, retirement plans, insurance programs, and education and training assistance.

EEO Race/Sex/Disability Status/Veteran Status