Talent.com
Information Systems Security Engineer

Information Systems Security Engineer

Karsun SolutionsSan Diego, California, US
job_description.job_card.variable_days_ago
serp_jobs.job_preview.job_type
  • serp_jobs.job_card.full_time
job_description.job_card.job_description

Why Karsun?

Join Karsun Solutions to grow your career with the company transforming possible for the US Government.

At Karsun, collaboration drives our community. We’re committed to building an environment where team members from diverse backgrounds can innovate, learn and grow with us. Here at Karsun, the only limit to your potential is the limit of your curiosity.

Join Team Karsun, and Find Your Next!

Summary

This individual will serve in a compliance support role, stepping in when the primary ISSE is unavailable or during periods of increased workload. Their focus is ensuring continuity of RMF and cybersecurity compliance activities, not full-time ownership of the ISSE function.

What You'll Do :

  • Supporting RMF package updates and maintaining authorization documentation SSP, POA&M, SAR).
  • Advisory support to system owners on control implementation and mitigation strategies.
  • Conducting or reviewing vulnerability scanning results and assisting with remediation planning.
  • Participating in inspection prep or audits as needed.
  • Providing input into status reporting, dashboards, and metrics related to system security posture.
  • Assisting in the collection of evidence, as directed by Navy Cyber Defensive Operations Command (NCDOC), including :
  • Contributing to the preservation of evidence by maintaining the chain of custody IAW OPNAV 7 / .
  • Submitting Electronic Spillage Action Forms.
  • Reviewing System Authorization Access Request Navy (SAAR-N) and Privileged Access Agreement (PAA) forms, utilizing Total Workforce Management Services (TWMS), to support user account issuance and management, including two-factor authentication (2FA) tokens as the Trusted Agent (TA).
  • Furnishing recommendations and administrative support in developing, managing, and updating cyber incident handling procedures per updated DoD or DON policy.
  • Sanitizing, destroying, and disposing of media cleared for destruction hard drives, CDs / DVDs).
  • Validating required cybersecurity training requirements for NCTSSD personnel, as needed, to maintain system access.

Onsite Support Expectations :

  • If the primary ISSE is attending, virtual participation or no presence may be sufficient.
  • When onsite, they may support leadership briefings, walkthroughs, or in-person compliance check-ins.

    • Cross-Coverage & Availability :

  • The backup should be available on-call for urgent needs incident response, compliance review deadlines).
  • For extended absences (vacation, medical leave), the backup may need to temporarily assume more active duties, including interfacing with government stakeholders and leading RMF activities.

    • Required Qualifications

  • Proficiency with ACAS, Nessus, Splunk, SCAP Compliance Checker (SCC), POA&Ms, DIACAP, NISPOM, and vulnerability management tools.
  • Strong technical writing skills for RMF artifacts, security control assessments, and risk documentation.
  • Experience applying DISA STIGs and performing system hardening for compliance.
  • Skilled with Microsoft Impact Level 5 (M IL5) and SharePoint Online (SPO).
  • Bachelor’s degree in Computer Science, Electrical Engineering, or related technical discipline (an additional years of relevant experience may substitute for the degree).
  • Active certifications in one or more of the following :

    • CGRC (Certified in Governance, Risk & Compliance)

  • CASP+ (CompTIA Advanced Security Practitioner)
  • CompTIA Security+
  • SSCP (Systems Security Certified Practitioner)
  • CISM, CISSP, GSEC, or GSLC
  • Active TS / SCI Clearance

    • Preferred Qualifications

  • In-depth expertise in all RMF steps.
  • Experience in preparing and presenting RMF documentation for ATO / ATC decisions.
  • Advanced knowledge of NIST - controls and control tailoring / inheritance.
  • Familiarity with vulnerability analysis, penetration testing, and risk mitigation planning.
  • Proficiency with scripting or automation (Python, PowerShell, SQL, etc.) for RMF-related tasks.
  • Understanding of zero-trust principles, Secure DevOps, and security across the full system lifecycle.

    • Things to Know :

    Commitment to Non-Discrimination

    All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.

    Salary Range

    The proposed salary range for this role is $,. to $,. USD. The salary range provided is a good faith estimate representative of all experience levels. Karsun considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate’s work experience, location, education / training, and key skills.

    Third Party Resumes :  Karsun does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Karsun and Karsun will not be obligated to pay a placement fee.

    Clearance Information

    This position requires the eligibility to obtain a security clearance. The Defense Industrial Security Clearance Office (DISCO), an agency of the Department of Defense, handles and adjudicates the security clearance process. More information about Security Clearances can be found on the US Department of State government website :  

    serp_jobs.job_alerts.create_a_job

    Information System Security Engineer • San Diego, California, US