Information System Security Engineer (ISSE)

About The Position

Requirements

• Requires a DoD Secret clearance with the ability to obtain a TS/SCI clearance.
• BS/BA in Cybersecurity, Computer Science, Information Technology, or related technical discipline OR Minimum of 5-10 years of experience in cybersecurity, with a focus on system security testing, SIEM management, system security engineering, or A&A processes.
• Expertise in advanced cyber defense concepts, including Out-of-Band Defensive Cyber Operations (DCO) principles and methodologies.
• Demonstrated experience with AI/ML security solutions or a strong understanding of how these technologies can be integrated into a security operations framework.
• Expertise in configuring and managing SIEM platforms (e.g., Splunk, Elastic, ArcSight) for proactive threat detection and incident response.
• Experience in secure system design, security control implementation, and system hardening for DoD environments.
• Strong understanding of Zero Trust Architecture (ZTA) principles and practical implementation in DoD environments.
• Proficiency in security testing tools (e.g., Tenable, Nessus, Burp Suite, Wireshark) and techniques (e.g., penetration testing, vulnerability scanning).
• Experience securing Microsoft Windows, Linux, Active Directory, and virtualized/containerized environments.
• Proficiency with scripting and automation tools (e.g., PowerShell, Python, Ansible) for security tasks.

Nice To Haves

• 5-10 years of experience as an ISSE or in a technical cybersecurity role.
• Prior experience supporting USINDOPACOM or other DoD commands.
• Hands-on experience implementing ZTA solutions, such as identity-based access controls, micro-segmentation, or behavioral analytics.
• Experience optimizing SIEM platforms for large-scale DoD environments or integrating with SOAR tools (e.g., Splunk SOAR, Palo Alto XSOAR).
• Familiarity with cloud security (e.g., Azure, AWS) and containerized environments (e.g., Docker, Kubernetes).
• IAT Level III or IAM Level II certification (e.g., CISSP, CISM, CASP+).
• Experience with DoD A&A tools such as eMASS or Xacta.

Responsibilities

• Lead Advanced Cyber Operations: Drive the deployment and management of out-of-band defensive cyber operations (DCO) capabilities to ensure continuous, non-disruptive system monitoring and proactive threat mitigation.
• Integrate AI/ML Security Solutions: Research, evaluate, and integrate state-of-the-art AI/ML solutions into existing security tools (e.g., SIEM, EDR, network sensors) to enhance threat detection, anomaly scoring, and automate incident response.
• System-Wide Security Process Integration: Provide senior technical expertise to integrate security technical processes system-wide, ensuring seamless and standardized application of security controls, configuration management, and vulnerability remediation across the entire enterprise.
• System Hardening & Engineering: Perform system security engineering tasks, including designing secure, resilient system architectures, implementing advanced security controls, and hardening systems to meet and exceed DoD and ZTA standards.
• Zero Trust Architecture (ZTA): Develop, pilot, and implement cutting-edge Zero Trust security measures, focusing on identity-centric access control, micro-segmentation, and continuous verification across diverse computing environments.
• Threat Detection & SIEM Optimization: Configure and optimize advanced SIEM platforms (e.g., Splunk, Elastic, ArcSight) to collect, correlate, and analyze security event data, building customized analytics and dashboards to support proactive threat hunting and DCO objectives.
• A&A and Compliance: Support the Assessment and Authorization (A&A) process by preparing comprehensive security documentation, conducting rigorous risk assessments, and ensuring compliance with DoD standards (e.g., RMF, NIST 800-53).
• Vulnerability Management: Conduct hands-on security testing, vulnerability assessments, and penetration testing using advanced tools (e.g., Tenable, Nessus, Wireshark, Burp Suite) to identify, analyze, and mitigate complex vulnerabilities in Windows, Linux, Active Directory, and virtualized/containerized environments.
• Technical Reporting: Develop detailed security reports, high-impact SIEM dashboards, and A&A artifacts for high-level briefings to senior military and technical leadership.
• Autonomy: Work independently without supervision to meet aggressive mission objectives and deadlines in a fast-paced environment. Up to 25% travel may be required.

Benefits

• At SMX, one of our Core Values is to Invest in Our People so we offer a competitive mix of compensation, learning & development opportunities, and benefits. Some key components of our robust benefits include health insurance, paid leave, and retirement.