Information Systems Security Engineer III
About The Position
The Information System Security Engineer III (ISSE III) serves as a key technical leader responsible for integrating cybersecurity across the full lifecycle of complex information systems. This role acts as the primary liaison between systems engineering teams and security compliance stakeholders, ensuring security requirements are effectively implemented without compromising mission or operational objectives. This position supports a Department of Defense (DoD) program focused on enhancing the cybersecurity posture of mission-critical systems operating within Amazon Web Services (AWS) classified environments. The role is heavily centered on executing the Risk Management Framework (RMF), driving system hardening efforts, conducting vulnerability assessments, and developing the documentation required to achieve and maintain Authority to Operate (ATO).
Requirements
- Minimum of 5 years of experience in cybersecurity, systems engineering, or information assurance
- Experience implementing the DoD Risk Management Framework (RMF) in regulated or classified environments
- Active certification meeting DoD 8570 / 8140 requirements (e.g., CISSP, CASP+, or equivalent)
- Strong understanding of Network architecture and protocols
- Strong understanding of Encryption and key management
- Strong understanding of Secure system configuration (Windows and Linux)
- Experience with vulnerability assessment tools (e.g., Nessus, ACAS, SCAP)
- Ability to communicate complex technical risks to non-technical stakeholders
- Active (or active within 24months) Secret Security Clearance required, can hold TS
Nice To Haves
- CISSP-ISSEP or advanced cybersecurity certification
- Experience working in AWS classified or GovCloud environments
- Familiarity with DevSecOps pipelines and CI/CD security integration
- Experience with container security (Docker, Kubernetes)
- Knowledge of Zero Trust Architecture (ZTA)
- Experience with compliance-as-code and automation tools
Responsibilities
- Design, develop, and implement secure architectures across multi-level systems, cloud environments (AWS), and on-premise networks
- Integrate security controls into system design aligned with NIST 800-53 and DoD requirements
- Lead RMF lifecycle activities, including system categorization, control selection, implementation, and continuous monitoring
- Tailor security controls based on system risk, mission needs, and operational constraints
- Develop and maintain Body of Evidence (BoE) documentation, including: System Security Plans (SSP), Security Assessment Reports (SAR), Plan of Action & Milestones (POA&M)
- Support assessment activities and coordinate with Authorizing Officials and assessors
- Conduct vulnerability scans using tools such as Nessus, ACAS, and SCAP
- Analyze findings, prioritize risks, and drive remediation efforts with engineering teams
- Implement and validate system hardening in accordance with DoD and industry standards
- Serve as a trusted advisor to engineering teams and leadership on cybersecurity risks and mitigation strategies
- Translate technical vulnerabilities into mission and business risk for senior stakeholders
- Provide security guidance on system changes, architecture decisions, and engineering trade-offs
Benefits
- Comprehensive medical, dental and vision plans for you and your dependents
- 401(k) Retirement Plan with Employer Match
- 529 College Savings Plan
- Health Savings Account
- Life Insurance
- Long-Term Disability
- Competitive Compensation
- Training and development programs
- Major offices stocked with snacks and beverages
- Collaborative and cool culture
- Work-life balance and generous paid time off
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
Number of Employees
501-1,000 employees
