Information Systems Security Engineer

CACI International•Philadelphia, PA

1d•Onsite

About The Position

The Information Systems Security Engineer (ISSE) serves as the primary technical authority for the security and resilience of our mission-critical systems. This role is responsible for integrating security engineering principles into every phase of the Software Development Life Cycle to design and maintain secure architectures. You will collaborate with software developers, systems engineers, and government stakeholders to navigate the Risk Management Framework (RMF) lifecycle and maintain the Authority to Operate (ATO) for complex cloud and on-premise environments.

Requirements

Bachelor’s Degree in Computer Science, Information Technology, Cybersecurity, Engineering, or related degree
Minimum of 5 years of progressive experience in Cybersecurity, Information Assurance, or related background.
Active TS/SCI.
DoD 8570 IAT Level II Compliance (e.g., Security+, CCNA Security, or CySA+).
Full RMF Lifecycle Mastery: Deep experience navigating the Risk Management Framework (NIST 800-37) to secure and maintain Authority to Operate (ATO).
Expert knowledge of NIST 800-53 and 800-171 control sets, including managing control inheritance and applying overlays.
Ability to author cybersecurity policies, manage POA&Ms, and develop Contingency/Disaster Recovery plans.
Experience reviewing system changes for security impact and collaborating with dev teams to integrate new technologies securely.
Proficiency in conducting security inspections, audits, and vulnerability analysis to track patch effectiveness and system health.
Functional understanding of security operations within AWS or Azure environments.
Proven ability to brief complex technical risks to large groups and coordinate directly with SCAs and DAOs.
Ability to manage high-pressure tasks and mission-critical deadlines both independently and in team settings.

Nice To Haves

Basic understanding of the software development lifecycle
Experience working with governance risk and compliance tools (i.e. Xacta, SNOW, etc.)
Experience utilizing common industry tools (i.e. Nessus, Splunk, Anchore, etc.)
Active TS/SCI with Polygraph.

Responsibilities

Lead the end-to-end Risk Management Framework (RMF) process, managing NIST 800-53/171 control sets and coordinating with cybersecurity entities (SCA/DAO) to secure and maintain Authority to Operate (ATO).
Drive "security by design" by reviewing technical change requests, evaluating new technologies, and providing security oversight for cloud-based platforms (AWS/Azure).
Conduct system inspections and vulnerability assessments to manage POA&Ms, prioritize system patching, and ensure robust disaster recovery and contingency planning.
Establish continuous monitoring protocols to track security posture, enforce cybersecurity policies, and brief complex technical risks to senior stakeholders.

Benefits

flexible time off benefit
robust learning resources
competitive compensation
benefits and learning and development opportunities
comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume