Information Systems Security Engineer

Information Systems Security Engineer

Location: Washington, DC (Hybrid - 3 days a week. Need local candidates)

Job description:

Role: ISSE

Role Overview

We are seeking an Information Systems Security Engineer (ISSE) to provide technical and hands-on security engineering support for federal cloud and enterprise systems. This role focuses on securing cloud-based architectures, integrating security across the system lifecycle, and supporting Information System Security Officers (ISSOs) with authorization and accreditation activities.



Role Responsibilities

~Design and implement security mechanisms protecting IT and cloud solutions in Microsoft Azure and Amazon Web Services (AWS).

Integrate security requirements throughout the system development lifecycle, including applications, single and multi-purpose information systems, operating systems, and CI/CD pipelines.

~Design and assess secure information system and cloud architectures, including Azure and other cloud vendors.

~Highly experienced in designing the configuration of NSGs, Azure Firewall, Private Endpoints security, Azure VNETs, subnets, routing tables, security groups, and network Access Control Lists.

~Expert in assessing the effectiveness of implemented security mechanisms and configurations.

~Provide technical and engineering support to ISSOs performing A&A activities.

~Conduct security impact assessments for system, architecture, application, and configuration changes.

~Perform threat modeling to identify, analyze, and mitigate risks associated with application and infrastructure design changes.

~Integrate Supply Chain Risk Management (SCRM) activities aligned with NIST SP 800-161 into information system designs

~Apply application security best practices, including secure coding principles, dependency management, and vulnerability remediation.

~Support DevSecOps practices by designing and integrating security controls, scanning, and monitoring at strategic points of the CI/CD pipeline prior to introduction to a production environment.

~Design and implement security best practices to containers and Infrastructure as Code

~Develop security architecture documentation, technical standards, and risk-based recommendations based on security designs.



Required Qualifications and Education:

~Bachelor's Degree in Cybersecurity, IT, Engineering, or related field.

~6+ years of cybersecurity and 2+ years of verifiable ISSE experience.

~Strong networking experience, including TCP/IP, routing and switching, firewalls, VPNs, load balancing, and cloud networking.

~Demonstrated experience with Azure networking services.

~Experience with application security and DevSecOps in cloud-based environments.

~Strong knowledge of NIST RMF, FedRAMP, NIST SP 800-161, and NIAP / Common Criteria

~Experience conducting security impact assessments and threat modeling

~Experience with Kubernetes or other container technologies, and Infrastructure as Code preferred.

~Strong communication skills

Required Certifications

~Certified Information Systems Security Professional (CISSP) or equivalent.

~Certified Cloud Security Professional (CCSP)

Preferred Certifications:

~CISSP-ISSEP

~CISSP-ISSAP



Location & Clearance Requirements

~This position is hybrid and is required to be onsite 3 days a week in Washington, DC.

~Must be able to obtain a public trust clearance.