Serco Inc.

CNIC Information System Security Engineer - Joint Base Pearl Harbor-Hickam (JBPHH)

Recruiting Location : Location
Customer Service
Position Type
Security Clearance

Position Description

As the Lead Information System Security Engineer (ISSE) for the Risk Management Framework (RMF) Assessment and Authorization (A&A) process for CNIC Joint Base Pearl Harbor-Hickam (JBPHH), you will be tasked with developing RMF security authorization packages to obtain Authorizations to Operate (ATOs) for an isolated enclave, NRH 3SPN, that provides network infrastructure and basic network services to two adjacent NRH-owned isolated systems, NRH NACS and NRH VPMS, which are outside the accreditation boundary of the system.

As the Lead Information System Security Engineer (ISSE), you will be responsible for the activities listed below:

  1. Support CNRH ISSM / CIO with RMF package development as ISSE
  2. Assemble and review all required documentation as outlined by the ISSM and CNIC for the RMF packages
  3. Tailor security controls out of NIST SP 800-53 rev 4 for the systems
  4. Assist with updating policy and documentation along with maintaining compliance with NIST SP 800-53 rev 4 throughout the RMF lifecycle
  5. Develop a Security Assessment Plan (SAP) in accordance with the Navy RMF Process Guide ver. 3.1 and using the templates provided in the RMF KS
  6. Assess and implement security controls, Security Technical Implementation Guides (STIGs), and Assured Compliance Assessment Solution (ACAS) scans in accordance with the SAP
  7. Gather ACAS, STIG, SCAP files, and other related package artifacts and report any discrepancies to the program
  8. Build risk assessment report (RAR) incorporating all findings discovered in testing and documenting an analysis of each finding
  9. Verify traceability between system authorization data flow, boundary diagrams, Hardware, Firmware, Software, Ports, Protocols and Services (PPS) lists, and ACAS scan
  10. Update and help implement the status of all security controls, enhancements, and control correlation identifiers (CCIs) in eMASS
  11. Make data entries into eMASS record for assigned systems and track RMF process timelines
  12. Prepare for and conduct RMF-related briefings at meetings with internal and external representatives
  13. Interacts frequently with internal personnel and outside representatives at various levels
  14. Assist in developing schedules and plans of actions and milestones (POA&M) for producing deliverable products and reports within customer-directed timelines
  15. Coordinate with field activities, obtaining statuses and providing RMF guidance for all CNIC CNRH packages.
  16. Familiarity with DON Vulnerability Remediation Asset Manager (VRAM)
  17. Familiarity in the following disciplines: Microsoft Operating systems, Microsoft SQL, Red Hat Linux, CISCO and Aruba Wireless


In this role, you must obtain the following:

  • Must have a BA/BS in Information Technology, Cyber Security, Computer Science, or related discipline
  • Must have a min of 14 years in Information Technology or Cyber Security environment 
  • Must possess an active Secret Security Clearance
  • Must meet 8570 Workforce IAT Level II, or IAM Level III preferred

*Position may offer relocation assistance for west coast candidates*

Company Overview

Serco Inc. (Serco) is the Americas division of Serco Group, plc. Serco serves every branch of the U.S. military, numerous U.S. Federal civilian agencies, the Intelligence Community, the Canadian government, state and local governments, and commercial clients. We help our clients deliver vital services more efficiently while increasing the satisfaction of their end customers. Headquartered in Herndon, Virginia, Serco Americas has approximately 8,000 employees and is part of a $4 billion global business that helps transform government and public services around the world. At Serco, our employees are our most valuable asset - we listen, respect and support them throughout their career at Serco. We invite you to become part of our dynamic team. Serco is an equal opportunity employer committed to diversifying our workforce (Race/ Color/ Sex/ Sexual Orientation/ Gender Identity/ Religion/ National Origin/ Disability/ Vets).


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

New to Serco?