Information Systems Security Engineer
Responsibilities
- Develops, implements, and maintains security solutions for complex systems to ensure confidentiality, integrity, and availability.
- Conducts system security analysis, risk assessments, and vulnerability assessments to identify and mitigate risks.
- Supports the development of security architecture and system security engineering artifacts based on NIST, DoD, and IC policies and guidelines.
- Collaborates with system architects, software engineers, and network engineers to incorporate security requirements into system design.
- Develops and maintains System Security Plans (SSPs), Security Assessment Reports (SARs), and related Risk Management Framework (RMF) documentation.
- Performs continuous monitoring and ensures compliance with applicable security standards (NIST SP 800-53, ICD 503, CNSS, etc.).
- Provides recommendations for improving system security posture and addresses security incidents as they arise.
- Engages in security testing, evaluation, and certification & accreditation (C&A) activities.
- Interfaces with government customers and stakeholders to effectively communicate technical information and security strategies.
Requirements
Experience With Some Or All Of The Following Security frameworks and standards such as NIST SP 800-53, RMF, ICD 503, CNSS, DoD STIGs
Security tools such as ACAS, Nessus, Tenable, Splunk, Wireshark, HBSS, McAfee ePO
Security technologies including Firewalls, IDS/IPS, SIEMs, VPNs, PKI, Multi-Factor Authentication
System security documentation: SSPs, POA&Ms, SARs, Security Control Traceability Matrix (SCTM)
Experience with Linux, Unix, Windows, and Virtualization technologies (VMware, Hyper-V)
Cloud platforms such as AWS, Azure, Google Cloud with a focus on cloud security
Encryption protocols and technologies such as TLS/SSL, IPsec, VPN, PKI
Security testing tools: Nmap, Metasploit, Burp Suite, Kali Linux
Scripting and automation experience: Python, PowerShell, Bash
Knowledge of system development lifecycle (SDLC), software assurance, and secure coding practices
Certifications such as CISSP, CAP, CEH, Security+, AWS Security Specialty, or equivalent
Qualifications
With some or all of the following:
- BS/BA degree in Computer Science, Information Systems, Cybersecurity, or a related field
- Minimum 7 years of relevant experience in information security, preferably within a DoD environment
- Active Top Secret/SCI clearance with full scope polygraph
- Experience with security frameworks and standards such as NIST SP 800-53, RMF, ICD 503, CNSS, DoD STIGs
- Experience with security tools such as ACAS, Nessus, Tenable, Splunk, Wireshark, HBSS, McAfee ePO
- Experience with security technologies including Firewalls, IDS/IPS, SIEMs, VPNs, PKI
- Experience with system security documentation: SSPs, POA&Ms, SARs, Security Control Traceability Matrix (SCTM)
- Experience with cloud platforms such as AWS, Azure, Google Cloud with a focus on cloud security
- Experience with encryption protocols and technologies such as TLS/SSL, IPsec, VPN, PKI
- Experience with security testing tools: Nmap, Metasploit, Burp Suite, Kali Linux
- Experience with scripting and automation: Python, PowerShell, Bash
- Knowledge of system development lifecycle (SDLC), software assurance, and secure coding practices
- CISSP, CAP, CEH, Security+, AWS Security Specialty, or equivalent certifications
Skills
Expertise in system security design, risk management, and cybersecurity frameworks
Strong leadership qualities and an eagerness to tackle complex challenges
Collaboration and issue-tracking tools like JIRA, Confluence, ServiceNow
Benefits
- Competitive fixed salary or hourly pay (based on experience, skills, location, and internal equity)
- Employee referral bonuses up to $10,000 per hired referral
- Additional bonus opportunities for exceptional performance and contributions to business development and company growth (role-dependent)
- Health: 100% company-paid medical premiums for employees and eligible dependents
- Dental: 100% company-paid dental premiums for employees and eligible dependents
- Vision: 100% company-paid vision premiums for employees and eligible dependents
- Income Protection: 100% company-paid premiums for short-term disability, long-term disability, accidental death & dismemberment (AD&D), and life insurance up to $200,000
- Retirement: 401(k) with immediate vesting: 4% company match plus a 4% non-elective company contribution (8% total); 401(k) pre-tax and Roth options
- Leave: Up to 20 days of flexible paid time off (PTO); 11 paid floating holidays
- Work-Life Balance: Flexible work schedules, including flex time and compressed work periods (contract and project-dependent)