Date Posted:
2026-04-29
Country:
United States of America
Location:
US-VA-CHESAPEAKE-002-CUST 2 Relay Rd BLDG 344 (External Site)
Position Role Type:
Onsite
**U.S. Citizen, U.S. Person, or Immigration Status Requirements: **
Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance
**Security Clearance Type: **
DoD Clearance: Top Secret
**Security Clearance Status: **
Active and existing security clearance required on day 1
Raytheon brings the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today’s mission and stay ahead of tomorrow’s threat. We deliver solutions that help our nation and allies defend freedoms and deter aggression, creating a safer, more secure world. Join us and help shape the future of aerospace and defense.
This job opportunity is for the ROTHR Information System Security Engineer (ISSE) position at ROTHR Chesapeake, VA facility. The ISSE is responsible for the local DoD Mission network servers and workstations in accordance with the authoritative USG requirements documents including (but not limited to): DISA STIGS, DD254, SCGs, CND Directives, OPORDS, etc. The Information System Security Engineer (ISSE) holds a vital role throughout the Risk Management Framework (RMF) process, with key responsibilities particularly evident in the implementation, assessment, and continuous monitoring phases
What You Will Do
System Design and Architecture
- Oversee the development and maintenance of a system's cybersecurity solutions.
- Participate in the system engineering process to ensure that cybersecurity requirements, design, and testing are properly addressed throughout the system lifecycle.
- Engage with the Network Engineer, Systems Engineer, and Integrated Product Team (IPT) lead to confirm the compatibility of cybersecurity architecture and design with the overall system design and integration.
- Identify where their system resides within the overall Navy security architecture (e.g., network, ship, site).
- Coordinate with all primary connecting systems to determine what protections can be inherited.
- Apply system security and privacy engineering principles and practices to securely develop and integrate system components into information systems.
·** **
Security Control Management (Implementation and Tailoring)
- Lead the security control implementation and testing efforts. Identify and taylor the security control baseline with applicable overlays.
- Consider control inheritance and inheritance models when assigning controls during the security control selection process.
- Conduct all preliminary technical testing, including Security Technical Implementation Guides (STIGs), Security Requirement Guides (SRGs), and Assured Compliance Assessment Solution (ACAS)/Nessus scans.
- Document detailed results of each Assessment Procedure (AP) within eMASS in the 'Test Results' section for each AP.
- Implement approved security controls (often in coordination with the ISSM).
- Remediate findings and/or implement mitigating controls as possible.
- Update the Plan of Actions & Milestones (POA&M) with non-compliant security controls as required.
Risk Assessment
- Perform vulnerability-level risk assessments on the POA&M/CAP.
- Conduct an initial complete risk assessment and document results in the POA&M.
- For identified deficiencies, determine the theoretical attack path for potential exploitation.
- Work with the Program Manager/Information System Owner (PM/ISO) to develop the Risk Assessment, incorporating vulnerabilities from the formal assessment.
Security Assessment Plan (SAP) & Authorization
- Assist with the development, maintenance, and tracking of the Security Plan (SP)
- For assessment efforts that do not require a Navy Qualified Validator (NQV), the ISSE (as part of program personnel) is responsible for developing a comprehensive SAP and submitting it for Security Control Assessor (SCA) review and approval.
- Ensure the execution of any security testing required as part of Assessment & Authorization (A&A) or annual reviews.
- Execute the SAP and assess applicable security controls (Validator participation is encouraged but not required).
- Ensure data entered in the eMASS record and POA&M is consistent with implementation results.
- o Document and provide all requested rework to the Package Submitting Officer (PSO)/Program Management Office (PMO) for review.
Continuous Monitoring
- Oversee cybersecurity testing to assess security controls and record their compliance status during the continuous monitoring phase of the lifecycle.
- Support the Information System Security Manager (ISSM) in implementing the System Level Continuous Monitoring (SLCM) Strategy, tracking compliance of associated security controls, and communicating security findings.
- Update the Security POA&M as necessary during the monitoring step.
Coordination and Documentation
- Identify Authorizing Official (AO) and SCA cognizance of the system, as well as any specific authorization requirements such as reciprocity, cross domain solutions, and applicable overlays to support System Categorization.'
- Utilize the Collaboration Board in the eMASS workflow for formal coordination during the RMF process, posting detailed findings in the Artifacts tab if necessary
- The ISSE is generally accountable to the Program Manager/System Owner (PM/SO) and is considered a system-specific role within RMF personnel.
Qualifications You Must Have
- Active and transferable U.S. government issued Secret security clearance is required prior to start date.** U.S. citizenship is required**, as only U.S. citizens are eligible for a security clearance."
- Typically requires a BS degree in Science, Technology, Engineering or Mathematics(STEM) and **a minimum of 2 years of prior relevant experience **unless prohibited by local laws/regulations.
- Required DoD 8570.01 IAT Level 2 (requires one or more of the following Professional Certifications: CNA Security, GICSP, GSEC, Security+ CE, SSCP)
What We Offer
Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation. This position is NOT eligible for Relocation
Learn More & Apply Now!
Please ensure the role type defined below is appropriate for your needs before applying to this role. This position is classified as:
Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products.
As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote.
The salary range for this role is 68,900 USD - 131,100 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate’s work experience, location, education/training, and key skills.
Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.
Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company’s performance.
This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.
RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window.
RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans’ Readjustment Assistance Act.
Privacy Policy and Terms:
Click on this link to read the Policy and Terms