Description

AMO is looking for a Information Systems Security Engineer - Journeyman (ISSE) to work in support of Naval Air Warfare Center Training Systems Division (NAWCTSD) in Jacksonville, Florida.

 

To join our team of outstanding professionals, apply today!

Responsibilities

• Plan, implement, monitor, and maintain cybersecurity controls to protect computer networks, systems, and information across classified and unclassified environments.

• Perform vulnerability scanning and assessment activities using tools such as ACAS and Evaluate-STIG, ensuring accurate configuration, execution, validation, and reporting of results.

• May support systems undergoing the acquisition lifecycle by assessing cybersecurity risks, identifying vulnerabilities, and recommending mitigation strategies in accordance with RMF and NAVAIR guidance.

• May execute cybersecurity testing and validation activities for systems undergoing Assess and Authorize (A&A).

• Develop, review, and maintain RMF artifacts and supporting documentation to ensure compliance with DoD and NAVAIR cybersecurity requirements.

• Assess risks to IT assets using available threat and vulnerability intelligence and provide clear, actionable risk recommendations.

• Provide technical expertise to identify security-related issues affecting current and planned systems, networks, and architectures within the NAVAIR enterprise and RDT&E environments.

• Respond to and assist with the investigation of cybersecurity incidents, vulnerabilities, and malware events as required.

• Serve as the primary and sole on-site cybersecurity resource, independently managing assigned tasks, priorities, and deliverables while coordinating with off-site team members and government stakeholders.

• Ensure cybersecurity deliverables are accurate, current, and usable on first submission, requiring minimal rework.

• Maintain awareness of emerging cybersecurity threats, tools, and best practices, and provide documented recommendations when appropriate.

• Maintain required training, certifications, and technical proficiency to adapt to evolving cyber threat landscapes and mission needs.

Qualifications

• Active DoD Secret clearance.

• Minimum 3 years of hands-on cybersecurity experience implementing, upgrading and monitoring security measures for the protection of computer networks and information.

• Demonstrated experience performing vulnerability scanning and compliance assessments using tools such as ACAS and/or Evaluate-STIG.

• Experience supporting RMF / A&A processes, including development, maintenance, or review of cybersecurity documentation and artifacts.

• Experience identifying, assessing, and documenting cybersecurity risks and mitigation strategies.

• Ability to work independently as the sole on-site cybersecurity resource, managing workload, priorities, and task execution with minimal supervision.

• Strong attention to detail and ability to produce accurate, first-pass cybersecurity deliverables.

• One or more of the following DoD 8140 qualifications:

  • Certified Cloud Security Professional (CCSP)

  • CompTIA Cloud+
  • CompTIA SecurityX (Formerly CASP+)
  • BS degree in Cybersecurity, Information Technology, Computer Science, Information Systems, Data Science, or Software Engineering.

Desired Qualifications:

• Experience supporting NAVAIR, Navy, or DoD RDT&E environments.

• Hands-on experience with ACAS scan configuration, execution, validation, and reporting.

• Hands-on experience using Evaluate-STIG for STIG assessments, compliance tracking, and remediation support.

• Experience working with eMASSTER, Xacta, or similar RMF tools.

• Experience supporting systems across classified and unclassified networks.

• Familiarity with STIG implementation, POA&M development, and vulnerability remediation tracking.

• Experience supporting cybersecurity efforts during system acquisition, testing, and A&A phases.

• Demonstrated ability to operate autonomously while maintaining effective communication with remote teams and government stakeholders.

Job ID2026-23796 Work TypeOn-Site