Information System Security Engineer (ISSE) – Cyber Ops IV
At Aleut Federal, we believe the company and its mission is just as important as the job you are applying for. Aleut Federal is an Alaskan Native-owned enterprise whose purpose is to support our "Shareholders," the Unangax, the indigenous people of the Aleutian Islands of Alaska. People are at the core of everything we do. We support our Shareholders by providing excellent service and quality results to our clients and the various branches of the federal government. We engage in local markets, so community service is embedded in our process.
Our culture nurtures the strength of our workforce through mentorship and coaching, providing opportunities for growth and competitive benefits. We support and encourage diversity, inclusion, and accountability at every level.
The Aleut Federal motto is "We are One" because we truly believe that with one heart, one mind, and one purpose, we can accomplish our mission and be an organization anyone would be proud to be a part of.
Position Summary
Aleut is seeking an Information System Security Engineer (ISSE) to work with the United States Air Force Academy (USAFA) RMF team. This position requires personnel to work on-site at USAFA in Colorado Springs, CO.
*** Position Hiring Contingent On Contract Award ***
Essential Job Functions
- Serve as ISSE supporting USAFA systems, providing subject matter expertise in system security engineering, RMF execution, and technical documentation.
- Act as the technical lead for system security architecture and control implementation strategies, advising system owners and engineering teams on secure design in alignment with NIST SP 800-53 Rev. 5 and DoD guidance.
- Capture, refine, and document IT system requirements, ensuring integration of security requirements throughout the system development lifecycle.
- Identify and document mission-critical assets and information that require protection, contributing to risk assessments and architectural recommendations.
- Perform and maintain system-level risk assessments that support authorization decisions and inform residual risk determinations.
- Lead the technical portions of RMF Step 2 (Categorize) and Step 3 (Select), using NIST SP 800-60 and FIPS 199 to guide impact level determination and initial control tailoring.
- Support the development and maintenance of the System Security Plan (SSP), ensuring all technical controls are clearly defined with planned inputs, expected behaviors, and functional outcomes.
- Contribute to the assembly of the full RMF Security Authorization Package, including the SSP, Security Assessment Report (SAR), POA&M, risk statements, and briefing materials for the Authorizing Official (AO).
- Develop and update required RMF and system documentation including:
- Monitoring Strategy Document
- POA&M and SSP updates
- System Security Plan Analysis
- Security Categorization Review
- Security Plan Approval Recommendation Letter
- SAR with vulnerability assessment results
- Issue Resolution and Remediation Status Reports
- Residual Risk Statements for Risk Acceptance Recommendations
- Presentation briefings and meeting support documents
- Collaborate with ISSMs, ISSOs, SCARs, and system owners to gather evidence, produce high-quality deliverables, and ensure traceability of control implementation and assessment results.
- Author, edit, and standardize RMF documentation to ensure clarity, completeness, and consistency across systems, adhering to DoD, AFMAN, and USAFA-specific templates and quality standards.
- Maintain alignment between documentation and actual system behavior, identifying gaps or noncompliance early and supporting remediation planning.
- Provide peer review, formatting, and compliance support across all cybersecurity deliverables, including SOPs, policies, and authorization artifacts.
- Serve as the central resource for maintaining documentation readiness in eMASS, ensuring system artifacts are current, correctly linked, and audit ready.
Work Environment
- This is an onsite position that requires work to be performed onsite in Colorado Springs, CO.
- Indoor office working conditions.
Physical Demands
- Must be able to sit or stand for prolonged periods.
- Must be able to perform repetitive keyboard tasks and associated motions for prolonged periods.
- Must be able to carry up to 10 pounds.
Salary Range
- 105,000 -- $120,000 (annual) depending on qualifications
*We will be accepting applications for this position until 09/26/2025 at 11:59 PM EST*
Requirements:
- Certification: CISM or CISSP or FITSP-D or GCIA or GCSA or GCLD or GDSA or GICSP or CISSP-ISSAP or CISSP-ISSEP.
- Required Education: Bachelor of Science degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an Accreditation Board for Engineering and Technology (ABET) accredited or Certified Association Executive (CAE) designated institution.
- Experience: At least five years of experience in Information System Security Engineer field required. Additional experience in the United States Air Force (USAF) environment is preferred. Must be familiar with NIST SP 800-37 Rev. 2, SP 800-53 Rev. 5, FIPS 199/200, FedRAMP, AFI 17-101, DoDI 8510.01, and eMASS workflows.
- Security Clearance: Must hold an active Secret security clearance
Aleut offers the following benefits to eligible employees:
- Health insurance
- Dental/Vision insurance
- Paid Time Off
- Short- and Long-Term Disability
- Life insurance
- 401k and match
At Aleut, our culture thrives on diversity, inclusion, and collaboration. Integrating diverse perspectives opens up new possibilities, fosters innovation, and fully harnesses our team's potential. We are committed to creating an environment where every employee feels valued, included, and inspired to grow and find purpose. Join us and be part of a culture that celebrates differences and belonging for everyone, without regard to race, color, religion or belief, national, social, or ethnic origin, sex, pregnancy, marital status, age, physical, mental, or sensory disability, sexual orientation, gender identity and/or expression, or past or present military service. We welcome everyone as they are!