Senior Information Systems Security Engineer
TS/SCI with polygraph
Reston, VA
Company Overview: Cornerstone Defense is the Employer of Choice within the Intelligence, Defense, and Space communities of the U.S. Government. Realizing early on that our most prized assets are our employees, we continually focus our attention on improving the overall work/life experience they have supporting the mission. Our Team is pushed every day to use their industry-leading knowledge to provide end-to-end solutions to combat our nation's toughest and most secure problems. If you are looking for a place to not only be professionally challenged, but encouraged and supported by a company that cares, don't look any further than Cornerstone Defense.
Benefits Overview:
Cornerstone Defense offers a very comprehensive benefits package including, but not limited to: Medical, Dental and Vision Plans; Generous PTO Policy; 401(k); HSA and FSA options; Life and Disability Insurance; Tuition Reimbursement and Training; Perks at Work Discount Program; Referral Program; Leads Generation Program; CollegeAmerica 529; Fitness Reimbursement Program; Travel Assistance; Norton Lifelock Benefit Solutions; Life Planning Financial & Legal Services.
We are seeking a highly skilled, hands-on Senior Information Systems Security Engineer (ISSE) to secure mission-critical systems across hybrid, cloud, and air-gapped environments. The ideal candidate brings deep technical expertise in RMF, STIG compliance, vulnerability scanning, continuous monitoring, and secure system engineering: someone who is actively involved in building and configuring secure solutions rather than simply reviewing them. In this role, you will design, engineer, assess, and sustain security controls across complex system architectures, ensuring compliance, operational readiness, and mission resilience.
What you'll do:
Engineer, implement, and manage security solutions (firewalls, IDS/IPS, endpoint protection, encryption)
Perform security assessments across systems, applications, and networks
Implement, validate, and maintain RMF NIST 800-53 controls across on-prem, cloud, and air-gapped systems
Conduct STIG checks, hardening, and secure configuration updates for OS, applications, network devices, and cloud resources
Run ACAS/Tenable scans, analyze vulnerabilities, and drive remediation with engineering teams
Configure log ingestion, parsing, and data flows into SIEM platforms (Splunk), and build dashboards and alerts
Monitor network traffic, logs, and events to detect anomalies and security threats
Conduct incident investigations and provide technical recommendations for mitigation
Maintain and enhance incident response plans and continuous monitoring procedures
Engineer, configure, and modify secure system and network baselines
Analyze and troubleshoot network protocols, packet flows, and configuration issues
Produce RMF artifacts, POA&Ms, scan reports, dashboards, and security documentation
Collaborate with DevSecOps, system engineering, IT, and development teams to embed security into the lifecycle
Write user stories, define security acceptance criteria, and support regression testing
Perform system assessments and security engineering within air-gapped and restricted networks
Support ongoing continuous monitoring activities and security control reviews
What you'll need:
7+ years cybersecurity/ISSE experience designing, implementing, and assessing security controls
Strong experience with RMF, NIST 800-53, STIGs, ICD 503, FISMA, FedRAMP
SIEM experience, including log configuration, dashboards, and analytics (Splunk preferred)
Hands-on ACAS/Tenable vulnerability scanning and analysis
Cloud security experience (AWS/Azure/GovCloud) in IL5-IL6 environments
Strong understanding of network protocols, OS internals, and infrastructure security
Skilled in incident response and forensic analysis
Experience with tools such as Fortify, Acunetix, and Prisma Cloud
Experience configuring/modifying secure system and network baselines
Familiarity with agile workflows, user stories, and regression testing
Experience working in air-gapped or disconnected environments
Strong communication skills for both technical and non-technical audiences
CISSP or DoD 8140-approved certification
Active TS/SCI with CI poly