Information System Security Engineer (ISSE) - Hybrid
Coalfire Federal
•Hybrid
About The Position
Coalfire Federal is seeking a Mid-level Information System Security Engineer (ISSE) to support their team in Washington, D.C. This role involves providing cybersecurity information assurance support, including monitoring, incident response, and mitigation of threats. The position is hybrid, requiring three days per week on a government client site in the Washington, D.C. / Northern VA / Maryland areas.
Requirements
- Understanding of the NIST Risk Management Framework and associated special publications (800-37, 800-53, etc)
- Understanding of cloud solutions e.g. IaaS, PaaS, and SaaS
- Cloud related experience and or certifications
- Communication, written, verbal
- At minimum 5 years of ISSE experience in the cybersecurity / IT space is required
- Completed Bachelor’s degree from an accredited university, preferably in an IT related field.
- Ability to obtain a clearance or a Public Trust is preferred, however all clearance levels and non-cleared applicants will also be considered.
- One or more of the following must be active and verifiable: CISM, CISA, GSLC, or Security +
Nice To Haves
- JCAM experience preferred
- A completed CISSP is preferred.
- NIST Cybersecurity Framework experience
- Familiarity with AI tools and governance
- Experience with process improvement, documenting procedures and workflow
Responsibilities
- Provide security oversight of system deployments, system and component configuration, monitoring and reporting.
- Perform security impact assessments and security testing.
- Work with operations and development teams on remediation and mitigation of findings.
- Provide support to planning, designing and implementing security controls which safeguard and monitor events for information systems, enterprise applications and data.
- Provide information system security engineering support to verify and validate proposed architectures and implementations based on sound security engineering principles and practices.
- Perform IT product security specification reviews.
- Create Security baselines for Information systems.
- Perform a Security Impact analysis for all exceptions or deviations.
- Identify security requirements and provide input to the system design to ensure the proper controls are built-in.
- Participate in planning and executing in the system development life cycle of new system cycles.
- Conduct risk analysis and update the risk assessment report for all changes to the FISMA systems.
- Provide a security impact analysis to include but not limited to the change to the overall system risk rating and posture and documentation that is impacted requiring updates.
Benefits
- paid parental leave
- flexible time off
- certification and training reimbursement
- digital mental health and wellbeing support memberships
- comprehensive insurance options
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
