Information Systems Security Engineer (ISSE)
About The Position
The Swift Group is a privately held, mission-driven and employee-focused services and solutions company headquartered in Reston, VA. Our capabilities include Software Development, Engineering & IT, Data Science, Cyber Enablement, Logistics, and Training. Founded in 2019, Swift supports Civilian, Defense, and Intelligence Community customers across the country and around the globe. We are looking for an Information Systems Security Engineer (ISSE) to join our high-performing team in either Reston, VA or Tysons Corner, VA. You will lead the design and development of the technical building blocks that enable zero trust authentication and authorization across mission applications. You will partner with application teams, security architects, and infrastructure engineers to establish secure-by-design integration patterns, accelerate adoption of zero trust principles, and ensure security is engineered into every stage of the software lifecycle.
Requirements
- US citizenship with an active TS/SCI with CI Polygraph required
- Minimum 7 years of professional experience in software engineering, security engineering, or closely related roles
- Bachelor’s degree in Computer Science, Engineering, or a related field (experience may be considered in lieu of a degree)
- Hands-on experience designing and deploying application components on AWS in IL6+ classified environments
- Proven experience implementing modern authentication and authorization standards (OAuth 2.0, OpenID Connect, SAML)
- Expertise with fine-grained access control models (entitlements, row-level security, ABAC)
- Strong proficiency in at least one programming language (Java, Go, or Python) for building frameworks, SDKs, and platform services
- Working knowledge of zero trust architecture and principles, including identity-centric security and least-privilege access
- Experience authoring developer documentation, integration guides, and reference implementations
- Solid understanding of secure coding practices, SDLC security, and integrating security controls into CI/CD pipelines
Nice To Haves
- Experience with enterprise identity platforms (e.g., AWS Cognito, Azure AD, Keycloak) and policy engines (e.g., OPA, Cedar)
- Background with authorization-as-a-service patterns, token exchange, and policy-based access control in microservices
- Familiarity with DISA STIGs/SRGs and compliance workflows in classified environments
- Contributions to internal SDKs, developer portals, or platform engineering products that improve developer productivity
Responsibilities
- Design, develop, and maintain reusable frameworks, libraries, APIs, and reference implementations that integrate applications with zero trust identity and access services
- Create developer documentation, integration guides, and best practices to streamline adoption of security services by product teams
- Implement and support fine-grained authorization approaches (e.g., entitlements, row-level security, ABAC) and align them to business policies
- Collaborate with architects and platform engineers to ensure security services meet performance, usability, resilience, and compliance objectives
- Conduct design and code reviews; coach development teams on secure coding, identity integration, and threat-informed design patterns
- Evaluate emerging zero trust and identity/access technologies and recommend improvements to architecture, tooling, and developer experience
Benefits
- healthcare
- wellness
- financial
- retirement
- education
- time off benefits
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
