This is a full-time, onsite position located in Huntsville, AL.We're looking for a seasoned Cybersecurity Engineer / ISSM to lead and execute the full cybersecurity program for a complex Army weapon system. This is a high-impact role supporting mission-critical hardware and software across development, integration, testing, fielding, and long-term sustainment.
You'll serve as the contractor's primary cybersecurity authority, partnering directly with Government stakeholders, engineering teams, and program leadership to drive RMF execution, achieve and maintain ATO, and ensure lifecycle cybersecurity compliance.
What You'll DoYou'll own the cybersecurity program end-to-end, ensuring the system meets DoD, Army, CNSS, NIST, DISA, and export control requirements. From early system design through operational fielding, you'll embed cybersecurity into every engineering phase-hardware, firmware, software, testing, training, and sustainment.
You'll lead all RMF Assess & Authorize (A&A) activities, producing and maintaining Government-ready artifacts including the System Security Plan (SSP), POA&Ms, COOP/DRP documentation, and baseline inventories. You'll guide the program through CT&E, IATT, and ATO/ATC approvals, while providing continuous monitoring and risk management support throughout the lifecycle.
As the program's ISSM, you'll act as the primary cybersecurity liaison to the Program Office, Authorizing Official, SCA/SCA-V teams, DISA, DCSA, and engineering IPTs. You'll assess system changes, manage vulnerabilities, apply DISA STIGs, and ensure the system is audit-ready and Government-review-ready at all times.
What You BringYou have deep expertise in DoD RMF, cybersecurity engineering, and A&A documentation, with hands-on experience applying NIST, CNSS, FIPS, and DISA requirements to complex systems. You're comfortable navigating ambiguity, interpreting overlapping guidance, and applying the most stringent requirements when needed.
You've supported CT&E, vulnerability remediation, and continuous risk management, and you understand how cybersecurity decisions impact mission performance, interoperability, and fielded systems. You communicate confidently with both engineers and Government customers-and you're trusted as the cybersecurity voice in the room.
Required Experience- Bachelor's degree in Cybersecurity, Computer Science, Engineering, Information Assurance, or related field (or equivalent experience)
- 5+ years supporting DoD cybersecurity engineering, ISSM/ISSO, or RMF programs
- Strong working knowledge of RMF, A&A artifacts, and DoD cybersecurity controls
- Experience applying NIST SP 800-53, 800-37, 800-30, 800-39, 800-160, CNSSI 1253, and DISA STIGs
- Background supporting CT&E, vulnerability mitigation, and lifecycle cybersecurity
- Ability to obtain and maintain a DoD Secret clearance (or higher)
Preferred Experience- DoD 8140 / 8570 certifications (CISSP, CISM, CASP+, CCISO, IAM/IAT/IASAE)
- Army cybersecurity experience (AR 25-1, AR 25-2, AR 380-5)
- Experience with weapon systems, tactical or embedded systems
- Prior ISSM, ISSE, or senior ISSO experience on ATO/ATC acquisition programs
- Experience developing complex cybersecurity CDRLs for DoD contracts
