Security Specialist

MAXISIQ•Fort Meade, MD

22h

About The Position

MAXISIQ is seeking a highly skilled Information Security Specialist / Information Systems Security Engineer (ISSE) to maintain responsibility for all duties in support of Department of Defense (DoD), Risk Management Framework (RMF), and Intelligence Community Directive (ICD) 503, while applying strong security engineering principles and hands-on technical expertise. In addition to intermediate to advanced knowledge of NIST SP 800-53 security controls and CNSSI 1253, this role emphasizes engineering experience across system hardening, automation, and vulnerability remediation. You will provide systems security engineering and architecture principles in support of RMF, including specification, design, development, implementation, and modification of information system components. The successful candidate will not only select, tailor, and implement NIST SP 800-53 security controls for RMF Assessment and Authorization (A&A) but also actively engineer solutions to remediate vulnerabilities and improve system security posture. Key responsibilities include: Develop layered protections and establish cybersecurity SOPs or guidelines for authorization boundaries. Apply system development life cycle principles such as Agile (preferred). Perform vulnerability management and implement fix actions across Windows, Linux/Unix, and containerized environments. Engineer and automate security configurations using tools such as Ansible and scripting in Python. Implement and maintain DISA STIGs and CIS Benchmarks across diverse platforms, including RHEL, Ubuntu, Windows operating systems, VMware/ESXi, and 3rd-party applications, as well as network devices such as Cisco (NXOS, ASRs, IOS-XE, ASA) and Juniper. Manage Linux administration and package management, as well as Windows Domain Controller compliance. Support container security engineering with Docker and related technologies. Conduct vulnerability scans using ACAS, interpret results, and drive remediation efforts. Collaborate with developers to ensure secure coding practices and integrate security into CI/CD pipelines. Delineate physical and logical security boundaries for systems and networks. Ensure software developers are trained on secure software development practices. Generate and interpret vulnerability scans, implement STIGs and CIS Benchmarks, and support RMF Continuous Monitoring activities, including remediating and/or mitigating findings on system POA&Ms. Provide guidance on encryption techniques and tools as part of system security engineering.

Requirements

8+ years as an Information Systems Security Engineer or Security Engineer with RMF experience.
Possess working knowledge of cybersecurity tools, such as ACAS, DISA STIGs/SCAPs/CIS Benchmarks.
Hands-on experience with vulnerability management and remediation across multiple operating systems.
Proficiency with automation tools (Ansible) and scripting (Python).
Working knowledge of virtualization platforms (VMware/ESXi) and container technologies (Docker).
Familiarity with network device hardening and STIG implementation for Cisco and Juniper platforms.
Experience applying DISA STIGs, SCAPs, and CIS Benchmarks.
Top Secret/SCI Security Clearance.
Bachelor’s degree from an accredited college or university.

Nice To Haves

Security Architect certifications IAW DoD Directive 8140.01 (e.g., CompTIA CASP, Cisco CCSP, SANS GSEC).

Responsibilities

Develop layered protections and establish cybersecurity SOPs or guidelines for authorization boundaries.
Apply system development life cycle principles such as Agile (preferred).
Perform vulnerability management and implement fix actions across Windows, Linux/Unix, and containerized environments.
Engineer and automate security configurations using tools such as Ansible and scripting in Python.
Implement and maintain DISA STIGs and CIS Benchmarks across diverse platforms, including RHEL, Ubuntu, Windows operating systems, VMware/ESXi, and 3rd-party applications, as well as network devices such as Cisco (NXOS, ASRs, IOS-XE, ASA) and Juniper.
Manage Linux administration and package management, as well as Windows Domain Controller compliance.
Support container security engineering with Docker and related technologies.
Conduct vulnerability scans using ACAS, interpret results, and drive remediation efforts.
Collaborate with developers to ensure secure coding practices and integrate security into CI/CD pipelines.
Delineate physical and logical security boundaries for systems and networks.
Ensure software developers are trained on secure software development practices.
Generate and interpret vulnerability scans, implement STIGs and CIS Benchmarks, and support RMF Continuous Monitoring activities, including remediating and/or mitigating findings on system POA&Ms.
Provide guidance on encryption techniques and tools as part of system security engineering.