Information Security Engineer

Williams International•Pontiac, MI

10h

About The Position

Williams International is a privately-owned company that develops and manufactures jet engines for both military and commercial aircraft applications. We are a company of creators who deliver pioneering ideas and technologies that lead the aerospace industry. Our culture fosters creativity, collaboration, and continuous learning to position our team members to inspire each other and provide quality products and supporting services that exceed the expectations of our customers. The Opportunity Williams International has an exciting opportunity for a SecDevOps Engineer to join our team. The SecDevOps Engineer will work within Cyber Security to support the Williams enterprise. Lead the secure networking and data design for Williams International in support software development alignment and cloud migration strategy for WINET. The SecDevOps Engineer will also: CMMC Compliance & Audit Readiness : Lead engineering efforts to implement and maintain NIST SP 800-171 controls (110 practices) to achieve CMMC Level 2 certification. You will manage the System Security Plan (SSP) and maintain the Plan of Action and Milestones (POA&M) for all development environments. Secure Software Development Lifecycle (SSDLC): Architect and enforce security "shift-left" practices within the internal pipeline. This includes automated integration of Static (SAST), Dynamic (DAST), and Software Composition Analysis (SCA) tools to identify vulnerabilities before production. Identity & Access Management (IAM): Design and audit strict Multi-Factor Authentication (MFA) and Least Privilege access controls across GitLab/GitHub repositories, CI/CD runners, and cloud infrastructure. Continuous Monitoring & Logging : Establish automated logging and alerting systems to satisfy CMMC Audit and Accountability (AU) requirements. Ensure all Controlled Unclassified Information (CUI) access and modification events are traceable and audit-ready. Software Supply Chain Security : Implement and manage Software Bill of Materials (SBOM) processes to mitigate third-party library risks and comply with emerging DoD secure software standards.

Requirements

Bachelor’s degree or equivalent in Computer Sciences, Information Systems, Business, Engineering, or related discipline is required.
6-8 years of experience in a system security-related role
DevSecOps Proficiency: Advanced experience securing CI/CD pipelines (GitLab CI, GitHub Actions) and containerized environments (Docker, Kubernetes).
Cloud Platforms : Hands-on experience securing CUI environments within AWS (GovCloud preferred), Azure, or Google Cloud.
Security Tools : Proficiency with vulnerability management and monitoring tools such as Tenable Nessus, ACAS, Splunk, and Wireshark.
Networking : In-depth knowledge of TCP/IP, VPNs, network segmentation for CUI isolation, and firewalls/IDS/IPS.
U. S. citizenship is required
Position requires the ability to obtain a U. S. Government Security Clearance, if needed.
Candidates selected may be subject to a U. S. Government security investigation and must meet eligibility requirements for access to classified information.

Responsibilities

Lead the secure networking and data design for Williams International in support software development alignment and cloud migration strategy for WINET.
Lead engineering efforts to implement and maintain NIST SP 800-171 controls (110 practices) to achieve CMMC Level 2 certification.
Manage the System Security Plan (SSP) and maintain the Plan of Action and Milestones (POA&M) for all development environments.
Architect and enforce security "shift-left" practices within the internal pipeline.
Automated integration of Static (SAST), Dynamic (DAST), and Software Composition Analysis (SCA) tools to identify vulnerabilities before production.
Design and audit strict Multi-Factor Authentication (MFA) and Least Privilege access controls across GitLab/GitHub repositories, CI/CD runners, and cloud infrastructure.
Establish automated logging and alerting systems to satisfy CMMC Audit and Accountability (AU) requirements.
Ensure all Controlled Unclassified Information (CUI) access and modification events are traceable and audit-ready.
Implement and manage Software Bill of Materials (SBOM) processes to mitigate third-party library risks and comply with emerging DoD secure software standards.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume