Allied Consultants has been contracted with the Texas State Government for 34 years, we are a Top Ten ranked vendor, and premier provider of technical and business staffing solutions. We are currently seeking a contract Information System Security Engineer (ISSE) to be a key resource on a technical services team for our client, the Texas Health and Human Services Commission (HHSC).
Work Location
Hybrid: 3 days remote, 2 days onsite (Mon & Thurs). Candidates must be local to Austin, TX or surrounding areas.**
Office Location: TBD
Responsibilities
The Security Engineer will project work by leading security governance, compliance, and risk management activities, with a strong focus on System Security & Privacy Plans (SSP/SSPP). This role bridges technical security operations and regulatory compliance, ensuring audit readiness, effective vulnerability remediation, and secure delivery of public-facing services across complex, multi-platform environments.
- Lead end to end System Security & Privacy Plan (SSP/SSPP) development, maintenance, and updates for enterprise systems
- Drive remediation activities through POA&M management, ensuring timely closure of compliance gaps
- Translate penetration testing and vulnerability findings into actionable remediation work items (EPICs/user stories)
- Coordinate with application, infrastructure, and security teams to validate remediation through re-testing and evidence
- Oversee risk-based vulnerability management, including prioritization and SLA-driven remediation
- Provide governance oversight for endpoint protection, web application security, and cloud security controls
- Produce assessor ready documentation, including configurations, monitoring evidence, approvals, and incident traceability
- Support continuous audit readiness and reduce repeat findings through disciplined governance and documentation practices
Qualifications
Minimum Requirements:
12 years of:
- deep focus on: Governance, Risk, and Compliance (GRC), Enterprise Security and Security Architecture, Vulnerability Management and Penetration Testing , Cloud Security and hybrid environments
10 years of:
- Proven experience owning SSP development end to end
- Hands on experience with CMS MARS E v2.2 or comparable federal/state security frameworks
- Strong expertise in: Control implementation documentation, Audit evidence collection and validation, POA&M creation, tracking, and remediation management
8 years of:
- Ability to translate technical security issues into compliance aligned remediation actions
- Strong stakeholder management skills across security, infrastructure, and application teams
- Excellent written and verbal communication skills, particularly for executive stakeholders
- Knowledge of NIST 800 53, NIST RMF, and privacy controls
- Knowledge of Secure SDLC and DevSecOps practices
Preferred:
5 years of:
- Experience operating in multi-vendor, multi-platform environments
- Demonstrated ability to reduce repeat audit findings and improve compliance maturity
- Experience mentoring or guiding teams on security governance best practices
1 year of:
- Experience supporting HHSC systems, including SSP development and compliance
Overview
Allied Consultants offers its family of consultants excellent rates, a local support staff, and an attractive benefits package which includes medical insurance (Allied shares a percentage of the cost), life insurance, a matching 401(k) plan and a cafeteria plan. Candidates selected for interview will be required to undergo criminal background checks and may be required to complete a drug screen in accordance with Federal and State Law. Offers of Employment are contingent on a successful background check. Allied Consultants is an equal opportunities employer.
Never miss an opportunity! Create an alert based on the job you applied for.
