Information Security Engineer

FindHerndon, VA

About The Position

This position will serve as a member of the Exostar Information Security Office and will report to the Manager of Governance & Engineering. This role is responsible for designing and implementing technical security controls across application, cloud, identity, and PKI environments. The successful candidate will work directly with DevOps, application, and operations teams to engineer controls and satisfy security framework requirements. This role is ideal for a security engineer who can assess architecture, identify control gaps, implement remediation, and technically validate implementation effectiveness. This role is ideal for candidates that have a skillset focused on engineering credibility, architectural judgment, and the ability to operate confidently with technical teams, auditors, customers, and leadership.

Requirements

  • 5+ years of hands-on experience evaluating secure architecture and implementing security controls in cloud environments.
  • Experience evaluating system architecture, network diagrams, data flows, identity integrations, and technical design documentation.
  • Experience performing threat modeling, technical risk assessments, security design reviews, and control gap assessments.
  • Experience integrating security into the SDLC, including CI/CD pipelines, Agile delivery, and DevSecOps practices.
  • Experience collaborating with engineering, infrastructure, DevOps, cloud, IAM, and operations teams to drive remediation to closure.
  • Strong understanding of network security concepts, including segmentation, firewalls, proxies, DNS, TLS, VPN/IPSec, routing, ingress/egress control, and secure network design.
  • Experience with identity and access technologies such as Active Directory, Entra ID/Azure AD, SAML, OIDC, MFA, privileged access, role-based access control, and identity federation.
  • Demonstrated experience authoring technical control narratives, technical audit documentation, and supporting evidence.
  • Experience supporting audits and assessments such as SOC 2, ISO 27001, etc.
  • Strong written and verbal communication skills with the ability to explain technical concepts to auditors, leadership, and business stakeholders.
  • Significant experience using Jira and Confluence.
  • U.S. Citizens only- Due to customer requirements, U.S. Citizenship is required.
  • Ability to gain and maintain Trusted Role is required.

Nice To Haves

  • CMMC CCA or CCP certification.
  • FedRAMP audit lead or hands-on control implementation experience
  • CISSP and other similar technical certifications
  • Experience implementing Governance, Risk, and Compliance (GRC) tools
  • Experience with managing, securing, and auditing Public Key Infrastructure (PKI), including the certificate lifecycle management.
  • End-point Protections (HIPS/HIDS)
  • Demonstrated experience designing multi-tier, highly available, multi-threaded, scalable architectures.
  • Experience with web application programming, Java, APIs, or application-adjacent security engineering.
  • Secure development frameworks (e.g. OWASP SAMM, Microsoft Security Development Lifecycle, IBM Secure Engineering Framework, etc.)
  • Business Continuity and Disaster Recovery planning
  • Data Loss Prevention (DLP)
  • Data Labeling and Information Rights Management

Responsibilities

  • Assess, design, and provide guidance on secure architecture for cloud environments, including IAM, PKI, access, network, and platform services.
  • Engage directly with infrastructure, platform, and development teams to translate security requirements into implementable technical designs and controls.
  • Review proposed system changes, architecture diagrams, network flows, identity integrations, and control implementations for security implications.
  • Develop technical control implementation guidance, including diagrams, control narratives, configuration expectations, and test procedures.
  • Provide hands-on engineering support for control effectiveness through configuration review, evidence inspection, technical testing, log review, and remediation verification.
  • Perform threat modeling and security risk assessments and coordinate actionable mitigation strategies.
  • Provide engineering support for controls aligned to frameworks such as PKI, identity certification, CMMC L2, FedRAMP Moderate, ISO/IEC 27001, IAM, SOC 2, etc.
  • Produce technical control descriptions that reflect security architecture, implementation, and operational behavior to create defensible control narratives to auditors and customers.
  • Produce SSPs, POA&Ms, control narratives, and audit responses where engineering interpretation is required.
  • Support audits and customer assessments by explaining technical controls, gathering defensible evidence, and validating that evidence against control intent.
  • Improve the repeatability and quality of evidence collection, control validation, and remediation tracking.

Benefits

  • employee development
  • promote internally
  • training and educational assistance
  • comprehensive benefits
  • flexible time off plans
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service