ASEC

Senior Information Systems Security Engineer (RMF Lead)

ASEC · Virginia Beach, Virginia, United States · $160K–$180K/yr

Aviation and Aerospace Component Manufacturing · 501-1,000 employees

2 h ago
Principal (10+ yrs) Full-time United States
Log in to apply, save this posting, or score it against your profile with AI.

About the role

Lead cybersecurity engineering and RMF activities for Live, Virtual, and Constructive (LVC) training environments to maintain operational authorization. Coordinate with government officials and technical teams to integrate security requirements and remediate vulnerabilities across mission systems.

What they look for

Risk Management Framework (RMF) Cybersecurity Engineering NIST SP 800-53 DISA STIGs ACAS Vulnerability Management System Security Plans (SSP) POA&M Remediation Security Architecture DoDI 8510.01 IAM-III Certification LVC Training Environments Security Assessment Cross-Domain Solutions Technical Guidance Compliance Monitoring Risk Assessment

Requirements

Requires a Bachelor's degree in a technical field with 10+ years of DoD cybersecurity experience and 5+ years leading RMF activities. Must hold an active DoD Top Secret clearance and an IAM-III certification such as CISSP or CISM.

Benefits

Employee Stock Ownership Plan (ESOP) Medical Insurance Dental Insurance Vision Insurance HSA/FSA Options Disability Insurance 401(k) With Company Match Tuition Assistance 11 Paid Holidays

Full description

Description

What You'll Do:

As the Senior Information Systems Security Engineer (ISSE)/RMF Lead, you will serve as the cybersecurity authority supporting advanced Live, Virtual, and Constructive (LVC) training environments that prepare Navy and coalition forces for real-world combat operations. You will lead the integration of cybersecurity requirements into mission systems, networks, and simulation environments while overseeing all Risk Management Framework (RMF) activities required to maintain operational authorization. Working across engineering, network, and program teams, you will help ensure the secure delivery of realistic, high-fidelity training capabilities that enable warfighter readiness against emerging and advanced threats.

This position will be based at the NAS Oceana Dam Neck Annex in Virginia Beach, VA.

Key Responsibilities:

  • Lead cybersecurity engineering efforts across Live, Virtual, and Constructive (LVC) training systems and supporting infrastructure.
  • Integrate security requirements throughout the system development lifecycle.
  • Develop security architectures that support operational requirements while meeting DoD cybersecurity standards.
  • Conduct security design reviews and provide technical guidance to engineering teams.
  • Lead all Risk Management Framework (RMF) activities for assigned systems and enclaves.
  • Develop and maintain RMF packages, including System Security Plans (SSPs), security assessments, and authorization artifacts.
  • Coordinate with Government Authorizing Officials (AOs), Security Control Assessors (SCAs), and cybersecurity stakeholders.
  • Track and resolve cybersecurity findings and authorization conditions.
  • Ensure compliance with DoDI 8510.01 (RMF), NIST SP 800-53, DoD Cyber, Workforce requirements, DISA Security Technical Implementation Guides (STIGs), and Navy and NAVAIR cybersecurity policies
  • Ensure secure integration between operational systems, simulators, and external interfaces.
  • Review ACAS, vulnerability scans, and security assessment results.
  • Prioritize and coordinate remediation activities across engineering, network, and system administration teams.
  • Track Plans of Action and Milestones (POA&Ms) through closure.
  • Assess cybersecurity risks associated with distributed training events.
  • Evaluate security implications of integrating live platforms, simulators, and threat-representation systems.
  • Support cross-domain and multi-level security solutions where required.
  • Ensure training systems can emulate realistic threats without introducing unacceptable cybersecurity risk.
  • Coordinate cybersecurity requirements for coalition and joint interoperability events.

This description outlines the general nature and scope of the role. Additional duties may be assigned as necessary.

Requirements

What You'll Bring:

  • Bachelor's degree in Cybersecurity, Information Systems, Computer Science, Engineering, or a related technical field and ten (10) years of relevant DoD cybersecurity experience. Additional directly related experience may be substituted for a degree where permitted.
  • Minimum of five (5) years of experience leading Risk Management Framework (RMF) activities in accordance with DoDI 8510.01, including development of SSPs, security assessments, authorization packages, and ATO documentation.
  • Demonstrated experience implementing and maintaining cybersecurity controls in accordance with NIST SP 800-53, DISA STIGs, ACAS vulnerability management, and POA&M remediation.
  • Experience designing and integrating cybersecurity solutions for complex DoD information systems, networks, or mission systems throughout the system development lifecycle.
  • Experience coordinating with Government Authorizing Officials (AOs), Security Control Assessors (SCAs), engineering teams, and system administrators to achieve and maintain cybersecurity compliance and system authorization.
  • Experience supporting Navy, NAVAIR, or other DoD programs involving classified information systems, distributed networks, or Live, Virtual, and Constructive (LVC) training environments is highly desired.

Certification Requirements:

  • Candidates must hold a current IAM-III certification (e.g., CISM, CISSP, or GSLC) as defined by DoD 8570.01-M. Please upload copies of any relevant IT certifications as part of your application. These documents help us verify qualifications during the initial screening process.

Equally Important:

  • Ability to build positive, collaborative relationships across teams and with external partners.
  • Effective communicator with strong verbal and written skills.
  • Proactive, self-directed work style with the ability to operate independently.
  • Analytical thinker with proven problem-solving capabilities.
  • Highly organized, with the ability to balance competing priorities in a fast-paced environment.

ASEC is committed to providing access and reasonable accommodation in its services, activities, programs, and employment opportunities in accordance with the Americans with Disabilities Act and other applicable laws.

Security Clearance Requirement:

  • This position requires U.S. citizenship and an active DoD Top Secret clearance. Selected candidate will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

Salary Range:

  • The anticipated annual salary range for this position is $160,000 - $180,000, commensurate with an individual’s experience, qualifications, and skill set. ASEC is committed to providing fair and equitable compensation.

Who We Are:

ASEC offers meaningful, mission-driven work within a culture that supports your professional and personal growth. We partner with our government customers to deliver innovative solutions across engineering, information technology, training, and logistics. Above all, we are committed to doing what’s right for the Warfighter—plain and simple. Explore what makes ASEC different by visiting our website.

Why work at ASEC?

  • 100% employee-owned company. Learn more about our Employee Stock Ownership Plan (ESOP) here!
  • Comprehensive benefits package, including 11 paid holidays, medical/dental/vision coverage, HSA/FSA options, disability insurance, and more!
  • 401(k) with company match
  • Tuition assistance for undergraduate and graduate education
  • Veteran-friendly employer
  • Thriving employee culture

Not the right opportunity for you? Send this job posting to a friend!

ASEC is an Equal Opportunity Employer. We recruit, hire, train, compensate, and promote employees based on qualifications, merit, and business needs, without regard to race, color, religion, sex, national origin, ancestry, age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information, pregnancy or related conditions (including breastfeeding), or any other status protected by law.

ASEC also complies with all applicable pay transparency laws and will not discriminate against employees or applicants for inquiring about, discussing, or disclosing compensation.