Information Systems Security Engineer - Expert
Description:
Job Description
Information Systems Security Engineer - Expert
Seeking a highly skilled and motivated Information Systems Security Engineer (ISSE) to join our DevSecOps team in Herndon. The ISSE will work closely with cross-functional teams to ensure systems comply with security policies, standards, and best practices. The position requires hands-on experience implementing security compliance, cloud automation, continuous integration/continuous deployment (CI/CD) and DevSecOps best practices to enhance the security, scalability, and efficiency of mission-critical applications.
Key Responsibilities:
Design, develop, and implement security architectures for information systems.
Conduct risk assessments and provide mitigation strategies for identified vulnerabilities.
Coordinate and respond to external organizations to Support the Risk Management Framework (RMF) process, including preparation of System Security Plans (SSP), Contingency Plans (CP) Security Assessment Reports (SAR), and Plans of Action and Milestones (POA&M).
Collaborate with System Owners, and other stakeholders to ensure compliance with organizational security standards.
Integrate security controls into the software development lifecycle (SDLC).
Work closely with software developers and cloud engineers to integrate security and automation into the software development lifecycle.
Support AWS CloudWatch, AWS Security Hub, GuardDuty, Splunk, or ELK for proactive monitoring, logging, and compliance reporting.
Participate in security testing, audits, and incident response activities.
Provide security engineering support throughout all system lifecycle phases.
Stay current with emerging security threats and technologies.
Mandatory SKills
TS/SCI with Polygraph Required Day 1
Bachelors degree in computer science, Cybersecurity, Information Technology, or a related field (or equivalent experience).
CISSP, CASP+, CEH, GSLC, Security+, AWS Certified Security certifications or other relevant cybersecurity certifications.
Hands-on experience with tools such as eMASS, XACTA, Nessus, ACAS, or similar.
Strong understanding of networking, operating systems (Windows/Linux), and encryption technologies.
Optional Skills
Familiarity with secure software development practices and DevSecOps tools.
Strong analytical, organizational, and problem-solving skills.
Excellent verbal and written communication abilities.
Ability to work independently and as part of a team in a fast-paced environment.
Full-time