Information Systems Security Engineer (ISSE) - SME jobs in United States
cer-icon
Apply on Employer Site
company-logo

COLSA · 22 hours ago

Information Systems Security Engineer (ISSE) - SME

positionWashington, DC
timeFull-time
remoteOnsite
senioritySenior Level

COLSA is seeking multiple Information Systems Security Engineers – SME candidates for Key Personnel roles in support of a proposal anticipated in February 2026. The role involves leading the implementation of a Security Assessment and Authorization Program and supervising a team responsible for the RMF lifecycle for agency IT systems.

Cyber SecurityInformation TechnologySoftware

Responsibilities

Responsible for leading the implementation of a SAA (Security Assessment and Authorization) Program
Lead, mentor, and supervise a team of security professionals responsible for the end-to-end implementation of the RMF lifecycle for agency IT systems
Oversee and coordinate activities within the Prepare step, ensuring roles, responsibilities, and risk management strategies are clearly defined and maintained
Guide system categorization efforts to ensure all information systems are appropriately classified based on mission/business impact and regulatory requirements
Direct the selection, tailoring, and documentation of security controls aligned with system categorizations, risk appetite, and compliance requirements
Oversee the implementation of technical, operational, and management controls throughout system and application lifecycles, with a particular focus on quality and completeness of all deliverables
Ensure comprehensive security control assessments are planned, executed, and documented to validate the effectiveness of implemented safeguards
Prepare risk management documentation for system authorization and executive decision-making
Direct ongoing monitoring and continuous assessment activities, collecting metrics to adjust security strategies and ensure sustained compliance
Serve as a principal technical advisor on cybersecurity, bringing subject-matter expertise to risk analysis, incident response, system remediation, and audit support efforts
Foster a culture of security awareness, providing technical guidance and training to both team members and stakeholders
Track, report, and communicate status, risks, and improvement opportunities related to security engineering activities to leadership and stakeholders
Maintain up-to-date knowledge of RMF, NIST guidance, and industry best practices in support of continuous process improvement

Qualification

Security AssessmentAuthorizationRisk Management Framework (RMF)Cybersecurity expertiseNIST guidanceSecurity control assessmentsSecurity awareness trainingIncident responseAudit supportTeam leadership

Required

Responsible for leading the implementation of a SAA (Security Assessment and Authorization) Program
Lead, mentor, and supervise a team of security professionals responsible for the end-to-end implementation of the RMF lifecycle for agency IT systems
Oversee and coordinate activities within the Prepare step, ensuring roles, responsibilities, and risk management strategies are clearly defined and maintained
Guide system categorization efforts to ensure all information systems are appropriately classified based on mission/business impact and regulatory requirements
Direct the selection, tailoring, and documentation of security controls aligned with system categorizations, risk appetite, and compliance requirements
Oversee the implementation of technical, operational, and management controls throughout system and application lifecycles, with a particular focus on quality and completeness of all deliverables
Ensure comprehensive security control assessments are planned, executed, and documented to validate the effectiveness of implemented safeguards
Prepare risk management documentation for system authorization and executive decision-making
Direct ongoing monitoring and continuous assessment activities, collecting metrics to adjust security strategies and ensure sustained compliance
Serve as a principal technical advisor on cybersecurity, bringing subject-matter expertise to risk analysis, incident response, system remediation, and audit support efforts
Foster a culture of security awareness, providing technical guidance and training to both team members and stakeholders
Track, report, and communicate status, risks, and improvement opportunities related to security engineering activities to leadership and stakeholders
Maintain up-to-date knowledge of RMF, NIST guidance, and industry best practices in support of continuous process improvement

Company

COLSA

twittertwittertwitter
company-logo
COLSA's full-scale capabilities include cyber and information warfare, rapid prototyping and engineering, uncrewed systems, acquisition, logistics, studies and analysis, data science, and systems and software engineering.
dateFounded in 1980
location
Huntsville, Alabama, USA
people-size1001-5000 employees
web-link
http://www.colsa.com

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Van Corum
Deputy CEO & CFO
linkedin
leader-logo
Ivan Garcia
Chief Technology Officer
linkedin
Company data provided by crunchbase