The Junior Level Information System Security Engineer (ISSE) provides full lifecycle support for the development, delivery and sustainment of the Assessment and Authorization (A&A) Navy Risk Management Framework (RMF) lifecycle, ensuring systems receive and maintain authorization. The Junior level ISSE, under the guidance of a Senior level ISSE, will provide independent assessments, reviews and implementation guidance for Department of Defense (DoD) and Department of the Navy (DON) acquisition, financial and Information Technology (IT) policies, laws and regulations.
The Junior Level ISSE, under the guidance of a Senior Level ISSE, will work to develop authorization packages, including System Categorization Statements, Network Diagrams, Data Flows, Ports, Protocols and Services Management (PPSM), External Connections, System Risk Assessments and System Security Plans, supporting documentation and Memorandum for the Record based on DON “use case” requirements. In addition, the Junior Level ISSE, under the guidance of a Senior Level ISSE, will evaluate and assess compliance with established Cybersecurity (IA) policies and regulations, collaborate directly with the assigned validator defining mitigation strategies, evaluating DISA Security Technical Implementation Guides (STIG)/Security Requirements Guides (SRG) and checklist, engage with government staff, security personnel and NAVSEA stakeholders, development teams to communicate A&A requirements, understand system security, architecture and document IA posture for DON authorization/reauthorization and continuous authorization lifecycle requirements.
The Junior Level ISSE, under the guidance of a Senior Level ISSE, will monitor trends in information technology and cybersecurity that could have an impact on the security of the organization's products, processes, infrastructure, or customers.