Information Systems Security Engineer (CNIC N6)
Serco Group
 Jacksonville, FL

Position Description

As the Cybersecurity Systems Engineer, you will take on the technical role of Information System Security Engineer (ISSE) for the Risk Management Framework (RMF) Assessment and Authorization (A&A) process, tasked with developing RMF security authorization packages to obtain Authorizations to Operate (ATOs) for an isolated enclave, that provides network infrastructure and basic network services, region wide access control systems and video monitoring.

As the Cybersecurity Systems Engineer, you will be responsible for the activities listed below:

  • Support CNRSE IAM / CIO with RMF package development as ISSE
  • Assemble all required documentation as outlined by the ISSM and CNIC for the RMF packages
  • Tailor security controls out of NIST SP 800-53 rev 4 for the systems
  • Develop a Security Assessment Plan (SAP) in accordance with the Navy Security Control Assessor (SCA) A&A Testing Guidance
  • Assess security controls, Security Technical Implementation Guides (STIGs), and Assured Compliance Assessment Solution (ACAS) scans in accordance with the SAP
  • Build risk assessment report (RAR) incorporating all findings discovered in testing, and documenting an analysis of each finding
  • Create system authorization boundary diagrams encompassing traceability back to Hardware, Firmware, Software, and Ports, Protocols and Services (PPS) lists
  • Fill out the status of all security controls, enhancements, and control correlation identifiers (CCIs) in eMASS
  • Prepare for and conduct technical briefings at meetings with internal and external representatives
  • Interacts frequently with internal personnel and outside representatives at various levels
  • Assist in developing schedules and plans of actions and milestones (POA&M) for producing deliverable products and reports within customer-directed timelines
  • Coordinate with field activities, obtaining statuses and providing RMF guidance for all CNIC CNRSE packages


  • Must have a Bachelor's degree in Cybersecurity or related engineering discipline
  • Must have 12-18 years of IT experience
  • Possess 2+ years of RMF/DIACAP package experience and knowledge of Navy eMASS, ACAS, STIGs
  • Must have an active DoD Secret Security Clearance
  • Must be 8570 compliant IAT Level II required

Company Overview

Serco Inc. (Serco) is the Americas division of Serco Group, plc. Serco serves every branch of the U.S. military, numerous U.S. Federal civilian agencies, the Intelligence Community, the Canadian government, state and local governments, and commercial clients. We help our clients deliver vital services more efficiently while increasing the satisfaction of their end customers. Headquartered in Herndon, Virginia, Serco Americas has approximately 8,000 employees and is part of a $4 billion global business that helps transform government and public services around the world. At Serco, our employees are our most valuable asset - we listen, respect and support them throughout their career at Serco. We invite you to become part of our dynamic team. Serco is an equal opportunity employer committed to diversifying our workforce (Race/ Color/ Sex/ Sexual Orientation/ Gender Identity/ Religion/ National Origin/ Disability/ Vets).