Sr. ISSE SME

Zachary Piper Solutions is currently seeking a Sr. Information Systems Security Engineer (ISSE) / RMF Subject Matter Expert to support mission‑critical Office of the Undersecretary of Defense for Acquisition and Sustainment (OUSD(A&S)) capabilities. This position is a full‑time, onsite role supporting high‑visibility DoD programs in a HYBRID format based out of Arlington, VA. This role is critical to ensuring systems are secure by design, resilient, and defensible to the Authorizing Official (AO). As a Senior ISSE, you will serve as a technical cybersecurity engineering authority, embedding security throughout the system lifecycle using System Security Engineering (SSE) principles and the DoD Risk Management Framework (RMF).

Key Responsibilities

• Engineer, integrate, and validate cybersecurity controls across all phases of the RMF lifecycle in alignment with DoDI 8500.01 and NIST SP 800‑53.
• Apply System Security Engineering (SSE) principles in accordance with NIST SP 800‑160, ensuring cybersecurity is embedded into system architectures—not applied post‑development.
• Design and analyze secure system architectures, including:
  • Authorization boundaries
  • Data flows
  • Trust zones
  • External interfaces and ISAs
• Perform threat modeling, attack surface analysis, and vulnerability assessments to inform engineering decisions and risk mitigation strategies.
• Translate technical risk into engineering‑driven solutions and implement mitigations within system designs.
• Collaborate closely with system engineers, developers, architects, ISSMs, ISSOs, and SCAs to ensure proper control implementation.
• Support DevSecOps integration, including automation of:
  • SAST / DAST
  • Infrastructure‑as‑Code (IaC) scanning
  • Container and pipeline security
• Validate and support implementation of:
  • ACAS / SCAP / STIG compliance
  • Secure configuration baselines
  • Encryption and key management (FIPS 140‑3)
• Analyze SARs, vulnerability scans, and assessment outputs, translating findings into actionable engineering remediation.
• Support Security Impact Analyses (SIAs) for system changes and new capability integration.
• Design and implement Continuous Monitoring (ConMon) strategies, including:
  • Telemetry integration
  • Automated data collection
  • Security dashboards
• Develop and maintain engineering‑focused RMF artifacts, including:
  • SSP technical inputs
  • Architecture and data flow diagrams
  • Interface definitions
  • Control implementation evidence
• Provide technical input to AO briefings and authorization decisions, including AODB packages.
• Support agile authorization approaches, including OVL (Operation Vulcan Logic) and cATO objectives.

Enhanced ISSE Capabilities (Preferred)

• Apply Zero Trust Architecture (ZTA) principles across system design.
• Engineer ICAM solutions aligned to DoD guidance.
• Design secure data architectures, including encryption and data protection strategies.
• Support cloud security engineering aligned to FedRAMP High and DoD Cloud SRG (IL5).
• Integrate SBOM / AIBOM and supply chain risk management into system engineering processes.
• Develop automated security validation pipelines to support continuous authorization.
• Support AI/ML system security engineering, including data pipeline and model integrity protection (as applicable).

Requirements

• Active Top Secret clearance with SCI eligibility
• Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or related field
  • Master’s degree preferred or 10+ years equivalent experience
• 10+ years of cybersecurity experience with a strong technical engineering focus
• Demonstrated experience with:
  • DoD RMF and A&A processes
  • eMASS, Xacta, or similar GRC tools
  • Cloud environments (AWS, Azure, GCP) within FedRAMP / DoD SRG
• Strong understanding of:
  • System architecture and design
  • Networking and infrastructure
  • DevSecOps pipelines
• Excellent written and verbal communication skills, with the ability to brief senior leadership and AOs
• Experience supporting OSD, DoD, or Military components strongly preferred

Preferred Certifications

• CISSP
• CASP+
• CCSP
• CISM

Compensation Includes:

• Salary Range: $180,000 - $220,000 **depending on experience**

• Full Benefits: Cigna Medical, Dental, Vision, 401K, PTO, Sick Leave as required by Law

This job opens for applications on 4/20/26. Applications will be accepted for at least 30 days from the posting date.

#LI-CB1

#LI-HYBRID

Keywords: information security, cyber security, cyber, splunk, nessus, tenable, nessus tenable, defender, microsoft defender, incident response, risk, risk assessment, risk assessment reports, vulnerability, engineer, audits, security, nessus scanning, CASP+ CE, CCNP Security, CISA, CISSP, GCED, GCIH, CCSP, CCNA-Security, CySA+ **, GICSP, GSEC, CND, SSCP, A+ CE, CND, Network+ CE, CAP, CND, Cloud+, GSLC, Security+ CE, HCISPP, CISSP-ISSAP, CISSP-ISSEP, GCIH, GCIA, RMF, ISSE, System Security Engineering, NIST 800‑53, NIST 800‑160, NIST 800‑37, DoDI 8500.01, DoDM 8140, DevSecOps, Zero Trust, ICAM, FedRAMP High, DoD Cloud SRG, IL5, eMASS, Xacta, ACAS, STIG, SCAP, Continuous Monitoring, cATO, OUSD A&S, Security Architecture, Authorization Boundaries, Threat Modeling, AO Support