Information Systems Security Engineer (ISSE)

An Information Systems Security Engineer (ISSE) is the technical expert responsible for designing and implementing security architectures and solutions for information systems. While the ISSM and ISSO focus on management and operations, the ISSE focuses on engineering — building secure systems from the ground up.

ISSEs evaluate security requirements, design network architectures, select security technologies, and ensure systems are built to meet RMF requirements. They work closely with system engineers and developers to integrate security into the system design rather than bolting it on afterward.

Why It Matters

Security problems are cheapest to fix during design. Having an ISSE involved early in system development prevents costly rework and reduces the risk of security findings during the RMF assessment process.

Related Resources

NIST 800-53: PM-20