Information Systems Support Engineer Support at Ryan Consulting Group
Ryan Consulting Group · Fort Lee, United States Of America · Hybrid
- Professional
- Office in Fort Lee
Ryan Consulting Group is seeking an Information Systems Support Engineer Support to provide high-level ISSE support to integrate cybersecurity requirements and implement security controls throughout the RMF lifecycle, ensuring agency systems achieve and sustain their ATO. This role will coordinate with system owners and security personnel to prepare systems for authorization, categorize information and impact levels, select and tailor security controls, and document their implementation. This support extends to assessing security controls, contributing to authorization packages, and continuously monitoring the security posture of systems to ensure ongoing compliance and risk management.
Responsibilities:
- Coordinates with the Information System Owner (ISO) to define the authorization boundary and develop boundary diagram artifacts.
- Analyze and document mission/business processes supported by the system to define comprehensive system security needs, directly linking security to operational objectives.
- Develop and document robust System Security Plans (SSPs) and detailed Security Design Documents, providing a foundational understanding of the system's security posture.
- Document information types and impact levels (confidentiality, integrity, availability), providing a granular understanding of data sensitivity.
- Ensure the system categorization aligns with DoD mission assurance priorities, supporting critical defense functions.
- Design and implement technical security controls per DoD Secure Configuration Baselines.
- Apply STIGs (Security Technical Implementation Guides) and hardening procedures to all IT assets as applicable, reducing the attack surface and mitigating known vulnerabilities.
- Document control implementation in the SSP, maintaining accurate and up-to-date security documentation.
- Analyze scan results from tools like Tenable, ACAS, or Nessus, identifying vulnerabilities and misconfigurations.
- Conduct self-assessment and validate control effectiveness and document findings in Security Assessment Reports (SARs), providing an internal evaluation of security controls.
- Ensure alignment with DoD Cybersecurity Strategy and acquisition lifecycle, integrating security considerations throughout the system's lifespan.
- Provide evidence and artifacts in support of security control validation efforts, demonstrating the effectiveness of implemented controls.
- Coordinate and schedule all assessment activities with the SCA and testing teams, facilitating thorough and efficient security evaluations.
- Conduct Security Control Assessments for all RMF “Assess Only” cybersecurity assessments, providing dedicated evaluation for specific security concerns.
- Coordinate with the SCA on development of the Security Assessment Plan (SAP) and Security Assessment Report (SAR), contributing to formal assessment documentation.
- Remediate findings and update the POA&M (Plan of Action and Milestones), tracking the progress of vulnerability mitigation.
- Develop risk mitigation strategies for vulnerabilities that are unable to be fully remediated.
- Track and report on security control effectiveness and system changes, maintaining visibility into security performance.
- Update SSP, POA&M, and SAR as system changes occur or as needed, but no less than annually, reflecting the current state of system security.
- Participate in Annual Security Assessment Review (ASR) and Incident Response exercises, demonstrating preparedness and responsiveness to security events.
- Respond to cybersecurity incidents and environmental changes, ensuring rapid and effective incident handling.
- Active Secret security clearance
- At least 5 years of related experience
DoD IAT II required certification/s (one of the following):
- CCNA-Security
- CySA+ (CSA+)
- GICSP
- GSEC
- Security+ CE
- CND
- SSCP
CSSP-IS required certification/s (one of the following):
- Security+ CE
- CySA+
- GCIA
- GICSP
- GSEC
- CEH
Statements
Equal Employment Opportunity (EEO) Statement
Ryan Consulting Group, Inc. is an equal opportunity employer. We are dedicated to ensuring equal employment opportunities in all aspects of employment, including recruitment, hiring, promotion, training, compensation, benefits, and termination. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected by applicable law.
Ryan Consulting Group, Inc. is also committed to complying with the Americans with Disabilities Act (ADA) and providing reasonable accommodations for qualified individuals with disabilities. If you need assistance or accommodation due to a disability in the application process, please contact [email protected].
Drug-Free Workplace Statement
Ryan Consulting Group, Inc. is committed to maintaining a drug-free workplace, in compliance with the Drug-Free Workplace Act of 1988, which is a requirement for all federal contractors. We recognize the impact that drug and alcohol abuse can have on the safety, health, and productivity of our workforce, and we are dedicated to providing a work environment that is free from illegal drugs and alcohol. All employment offers are conditional upon successfully passing a drug screening.
Pay Transparency Statement
Ryan Consulting Group, Inc. complies with all relevant pay transparency laws in each state and jurisdiction where we operate. This includes providing salary ranges and pay data in compliance with state or local regulations where applicable.
We also ensure that applicants and employees in relevant states are informed of their right to inquire about pay information as required by state or local laws. Employees and applicants in states where pay transparency laws are in effect can expect to be provided with salary information upon request during the hiring process.
 
			 
			 
			 
			