Security Engineer

About The Position

Requirements

• Working knowledge of federal cybersecurity standards and frameworks including:
• FISMA
• NIST
• Risk Management Framework (RMF)
• Federal Information Processing Standards (FIPS)
• Experience supporting system authorization and security compliance activities
• Strong technical writing, communication, and collaboration skills
• Ability to work effectively both independently and within cross-functional teams
• A Bachelor’s Degree in a related field and 12-15 years of experience is required.

Nice To Haves

• Experience supporting government systems or programs
• Familiarity with Zero Trust security architecture
• Experience supporting Authority to Operate (ATO) environments and continuous monitoring programs

Responsibilities

• Review, develop, and maintain system security documentation including System Characterization Documents (SCDs), System Security Plans (SSPs), Privacy Threshold Assessments (PTAs), and System Authorization Briefings (SABs)
• Support the Information Security Continuous Monitoring (ISCM) process and ongoing system authorization activities
• Maintain and manage the approved software application inventory
• Collaborate with the Enterprise Software Board (ESB) and engineering teams to support updates to the technology product roadmap
• Research, author, and update technical documentation such as system specifications and interface requirements documents
• Support the design and integration of Zero Trust architecture
• Participate in engineering reviews and provide security-focused recommendations to strengthen system security and compliance
• Work with cross-functional engineering and program teams to ensure adherence to federal security standards

Benefits

• SEMCON offers a competitive salary and complete benefits package which includes health benefits (medical, dental, vision, and life), 401K with a generous employer match, paid time off, and paid holidays.