Information System Security Engineer SME

Job Description

ECS is seeking an Information System Security Engineer SME to work in our Washington, DC office. Please Note: This position is contingent upon contract award.

ECS is seeking an experienced Information System Security Engineer (ISSE) - SME to join our team as an expert in designing, implementing, and maintaining secure information systems. The successful candidate will have a strong background in security engineering, architecture, and risk management, with a focus on protecting sensitive information and systems.

Responsibilities

Responsible for leading the implementation of the Security Assessment and Authorization (SAA) Program:

• Lead, mentor, and supervise a team of security professionals responsible for the end-to-end implementation of the RMF lifecycle for Enterprise IT systems.
• Oversee and coordinate activities within the Prepare step, ensuring roles, responsibilities, and risk management strategies are clearly defined and maintained.
• Guide system categorization efforts to ensure all information systems are appropriately classified based on mission/business impact and regulatory requirements.
• Direct the selection, tailoring, and documentation of security controls aligned with system categorizations, Enterprise risk appetite, and compliance requirements.
• Oversee the implementation of technical, operational, and management controls throughout system and application lifecycles, with a particular focus on quality and completeness of all deliverables.
• Ensure comprehensive security control assessments are planned, executed, and documented to validate the effectiveness of implemented safeguards.
• Prepare risk management documentation for system authorization and executive decision making.
• Direct ongoing monitoring and continuous assessment activities, collecting metrics to adjust security strategies and ensure sustained compliance.
• Serve as a principal technical advisor on cybersecurity, bringing subject-matter expertise to risk analysis, incident response, system remediation, and audit support efforts.
• Foster a culture of security awareness, providing technical guidance and training to both team members and stakeholders.
• Track, report, and communicate status, risks, and improvement opportunities related to security engineering activities to leadership and stakeholders.
• Maintain up-to-date knowledge of RMF, NIST guidance, and industry best practices in support of continuous process improvement.

Salary Range: $175,000 - $190,000

General Description of Benefits

Required Skills

• Security Clearance: Top Secret (TS) with SCI eligibility
• 10+ years of progressive technical security engineering experience to include use of GRC and RMF tools
• Hold at least one of the following certifications:
  • Certified Information Systems Security Professional (CISSP) (or Associate);
  • CompTIA Advanced Security Practitioner (CASP) CASP CE;
  • Certified Secure Software Lifecycle Professional (CSSLP);
  • CISSP- Information System Security Engineering Professional (ISSEP); or
  • CISSP- Information System Security Architecture Professional (ISSAP).
• Minimum 10 years' experience, or equivalent education/experience; Doctorate plus 6 years; Master's plus 6 years; Associates plus 10 years; or H.S./GED plus 14 years.

Desired Skills

• A bachelor's and/or advanced degree in computer science, business management, or IT-related discipline.
• Experience working within JCAM and/or CSAM
• Experience working with Xacta

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3300+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.