Cyber Security Engineer (ISSE)
Role details
Job location
Tech stack
Job description
Torch Technologies is seeking an experienced and mission-focused Principal Cybersecurity Engineer (ISSE) to lead the security engineering efforts for a critical Department of War (DoW) system operating at the Top Secret and Special Access Required (SAR) levels. The primary and overriding responsibility of this role is to serve as the technical lead for achieving and maintaining the system's Authority to Operate (ATO).
You will be the core subject matter expert for all security control implementation, validation, and documentation. You will translate the complex requirements of the Risk Management Framework (RMF) and the Joint Special Access Program (SAP) Implementation Guide (JSIG) into a tangible, defensible security posture. This is a hands-on engineering role for a cybersecurity expert who excels at navigating the complexities of the DoW accreditation process.
As a Cybersecurity Engineer your duties will include the following, but are not limited to:
-
Lead all technical security activities required to prepare the system for its formal security assessment and authorization.
-
Engineer, implement, and validate the technical security controls required by NIST SP 800-53 and as tailored by the JSIG. This includes hands-on hardening of operating systems, network devices, applications, and databases in accordance with DISA STIGs.
-
Author, compile, and maintain the complete RMF security documentation package. This includes creating and managing the System Security Plan (SSP), system diagrams, hardware/software lists, and detailed descriptions of control implementations.
-
Manage the system's security posture by conducting vulnerability scans with tools like ACAS, analyzing results, and leading remediation efforts with the system administration team.
-
Act as the primary technical point of contact during security control assessments. You will be responsible for demonstrating control effectiveness to government assessors and defending the system's security design.
-
Develop and execute a robust continuous monitoring strategy to ensure the system remains compliant and secure post-ATO, including analyzing audit logs and responding to security events.
Requirements
-
U.S. Citizenship
-
Bachelor's Degree in Computer Science, or a related field or equivalent experience
-
10+ years in cybersecurity/information assurance, with at least 5 years in a hands-on ISSE role.
-
TS Clearance is required.
-
Experience leading a DoD system through the full RMF lifecycle to successfully achieve an ATO at the TS//SAR level.You must be able to speak authoritatively on this process from start to finish.
-
Demonstrable, in-depth experience implementing and validating controls under theJSIG.
-
Must meet DoD 8140 IASAE Level II or III requirements.
-
Expert-level knowledge of RMF, JSIG, NIST SP 800-53, and DISA STIGs.
-
Proficiency with security tools such as ACAS/Nessus, SCAP Compliance Checker (SCC), and SIEM solutions.
-
Strong technical understanding of operating systems (Windows/Linux), networking concepts, and virtualization.
Preferred Qualifications:
-
CISSP-ISSEP(Information System Security Engineering Professional) certification.
-
Bachelor's or Master's degree in Cybersecurity or a related technical field.
-
Experience with automated compliance and hardening tools.
-
Experience securing cloud environments within AWS GovCloud or Azure Government.
Benefits & conditions
Torch Technologies is proud to offer a stable and professional work environment, a competitive salary, and an excellent, comprehensive benefit package including: ESOP participation, 401(k) match and safe-harbor contribution, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, Health Saving Accounts and Health Reimbursement Accounts, EAP, education assistance, paid time off, and holidays.
