Information Assurance Security Engineer

INflow Federal•Springfield, VA

1d•Onsite

About The Position

As an Information Assurance Security Engineer at INflow Federal, you will play a critical role in protecting mission-essential systems supporting the Intelligence Community. You will serve as a trusted technical advisor responsible for integrating security into every phase of the system lifecycle—from architecture and engineering through operations, accreditation, and continuous monitoring. This position combines cybersecurity engineering, Risk Management Framework (RMF), cloud security, network defense, and enterprise infrastructure into a highly collaborative role supporting some of the nation’s most sensitive environments. Working alongside systems engineers, network engineers, developers, and cybersecurity professionals, you will ensure enterprise systems remain secure, compliant, resilient, and mission-ready. At INflow Federal, your expertise directly supports national security while providing opportunities to work with emerging technologies, enterprise cloud solutions, and advanced cyber defense capabilities.

Requirements

Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related technical discipline, or an equivalent combination of education, certifications, and experience.
10+ years of experience supporting Information Assurance, Cybersecurity Engineering, or Information Security within enterprise environments.
Active Top Secret/SCI security clearance.
IAM Level II certification in accordance with DoD 8570.01-M prior to start.
Demonstrated experience supporting RMF and ICD 503 authorization processes.
Experience securing Cloud Infrastructure, including AWS-based environments.
Experience implementing and maintaining DISA STIG compliance.
Experience with vulnerability management and enterprise security assessment tools.
Strong understanding of enterprise networking, VLANs, routing, firewalls, virtualization, and Windows Active Directory.
Experience with Unix and/or Red Hat Enterprise Linux administration.
Experience developing PowerShell, Bash, Shell, or similar automation scripts.
Strong written and verbal communication skills with the ability to present technical information to leadership.

Nice To Haves

CISSP, CAP, GSLC, CISM, or equivalent advanced cybersecurity certification
AWS Cloud Security
ACAS
HBSS
Carbon Black
Tanium
RedSeal
EMET
Windows Enterprise Administration
VMware Virtualization
Active Directory
Enterprise Network Security
Firewall Engineering
Security Architecture
Systems Administration
Network Engineering
Security Automation and Scripting
Incident Response
Digital Forensics
Vulnerability Assessment and Remediation

Responsibilities

Serve as a technical Information Assurance (IA) Security Engineer supporting enterprise systems throughout the system lifecycle.
Develop, review, and maintain Information Security policies, procedures, Memorandums of Agreement (MOAs), and accreditation documentation.
Support Certification & Accreditation (C&A) and Risk Management Framework (RMF) activities in accordance with ICD 503 and customer security requirements.
Collaborate with software developers, systems engineers, project managers, and stakeholders to incorporate security into system design and implementation.
Advise engineering teams on secure architecture, security controls, and regulatory compliance throughout project execution.
Act as a representative of the Information System Security Manager (ISSM), ensuring compliance with applicable security policies and procedures.
Support the operation, maintenance, and disposition of classified information systems in accordance with approved System Security Plans (SSPs).
Develop and deliver user security awareness training and ensure users understand their Information Assurance responsibilities.
Investigate security incidents, recommend corrective actions, and coordinate mitigation activities.
Ensure enterprise hardware and software configurations comply with DISA Security Technical Implementation Guides (STIGs).
Implement and enforce Information Assurance policies and security controls documented within RMF authorization packages.
Perform Operations and Sustainment (O&S) support for enterprise network security infrastructure including firewalls, web gateways, mail gateways, intrusion detection systems, load balancers, and security management platforms.
Configure, maintain, and harden enterprise security technologies to defend against emerging cyber threats.
Perform forensic log and network traffic analysis to investigate security events and respond to escalated incidents.
Administer and maintain security monitoring platforms including ACAS, HBSS, Carbon Black, Tanium, RedSeal, EMET, and related enterprise cybersecurity tools.
Review vulnerability findings, analyze Plans of Action and Milestones (POA&Ms), and coordinate remediation efforts.
Execute vulnerability remediation activities utilizing ACAS security scan results and customer security guidance.
Support integration testing, operational readiness assessments, and system security validation.
Maintain technical documentation, architecture diagrams, security procedures, and operational standards.
Present security assessments, compliance reports, and technical findings to customer leadership and engineering teams.
Participate in Configuration Control Boards (CCBs), technical reviews, and enterprise security planning efforts.
Support multiple concurrent projects while operating effectively in a dynamic, mission-focused environment.