Information Systems Security Engineer (ISSE)

About The Position

Requirements

• Proven hands-on Cyber Security Engineer SME, not policy-only or audit-only
• Comfortable working across network, system, platform, and application layers
• Deep understanding of how security controls are actually implemented and validated
• Experience in federal RMF-driven environments
• Able to bridge security, engineering, and compliance effectively
• Experienced in managing security incidents from detection through resolution
• Skilled at balancing immediate incident response needs with long-term security improvements
• Effective collaborator across organizational boundaries during high-pressure security events
• Operate independently as the technical authority for system security engineering
• Demonstrate the ability to provide technical hands-on configuration, validation, and assessment of security controls
• Translate RMF and NIST requirements into real-world technical implementations
• Communicate complex technical security issues clearly to both technical and non-technical stakeholders
• Maintain a strong balance between security compliance and operational practicality
• Lead rapid response to security incidents with minimal guidance
• Demonstrate strong analytical and troubleshooting skills under pressure during active security events
• Effectively communicate incident status, impact, and remediation progress to technical and leadership audiences
• Expert-level experience with NIST Risk Management Framework (RMF) in federal government environments
• Strong knowledge of: NIST SP 800-53 NIST SP 800-37 NIST SP 800-30
• Direct involvement I ATO packages, control implementation, and assessments
• Hands-on experience with Security Information and Event Management (SIEM) platforms (e.g., Splunk, ELK Stack, ArcSight, QRadar)
• Demonstrated experience in security incident detection, analysis, and response
• Proven ability to triage security alerts and determine criticality and impact
• Networking (e.g., routing, switching, firewalls, load balancers, network security controls)
• Operating Systems: Windows Server Linux (RHEL, CentOS)
• Virtualization and storage platforms
• Databases (SQL and/or NoSQL)
• Data platforms (e.g., HPCC, Hadoop/Cloudera)
• Web services, APIs, and application architectures
• Software development environments and CI/CD pipelines
• Security tooling (e.g., vulnerability scanners, endpoint protection, SIEM)
• Security engineering and system hardening
• Vulnerability discovery and remediation
• Secure system design and architecture reviews
• Technical documentation supporting RMF compliance
• Experience in cloud environments (AWS, Azure, GCP, CI) within federal RMF contexts
• Experience with DevSecOps practices
• Bachelor’s Degree in Computer Science, IT, or a related technical discipline, or the equivalent combination of education, technical training, or work/military experience
• Minimum ten (10) years of related cyber security engineering experience

Nice To Haves

• Hands-on experience with containerization and orchestration (Docker, Kubernetes)
• Hands-on experience with infrastructure-as-code
• Knowledge of federal overlays (e.g., DoD, FISMA High/Moderate)
• Relevant certifications (preferred, not required): CISSP CAP CISM Security+ Cloud Security Certified Ethical Hacker
• Experience with guiding and directing junior engineers and information systems security officer (ISSO)
• Experience with security orchestration, automation, and response (SOAR) platforms
• Background in threat hunting and proactive security monitoring
• Relevant incident response certifications

Responsibilities

• Serve as the Cyber Security Engineer SME, providing hands-on security engineering across all system layers (infrastructure, platform, and application)
• Engineer, implement, and validate security controls in accordance with NIST SP 800-53 and RMF requirements
• Lead and support RMF lifecycle activities (Categorize, Select, Implement, Assess, Authorize, Monitor)
• Perform security engineering for: Network architectures and boundary protections
• Windows and Linux operating systems
• Storage and virtualization platforms
• Databases and data platforms
• Web services, APIs, and application stacks
• Custom and COTS/GOTS software solutions
• Provide technical input to RMF artifacts, including: System Security Plans (SSP)
• Security Control Assessments (SCA) support
• POA&Ms
• Risk assessments and security impact analyses
• Collaborate with system owners, architects, developers, ad operations teams to embed security into system design and implementation
• Support ATO, re-authorization, and continuous monitoring activities
• Identify security risks and provide practical, technically sound mitigation strategies
• Participate in security reviews, technical design reviews, and vulnerability remediation efforts
• Serve as technical l point of contact for all security incidents affecting the program
• Lead triage and analysis of new security alerts from SIEM, IDS/IPS, and other security monitoring tools
• Drive remediation efforts for recurring security alerts, identifying root causes and implementing systemic fixes
• Coordinate incident response activities between program stakeholders and enterprise security operations
• Act as primary liaison between program teams and enterprise security for incident escalation, resolution, and reporting
• Perform forensic analysis and technical investigations of security events
• Document security incidents, response actions, and lessons learned
• Develop and maintain runbooks and playbooks for common security incident types