Information Systems Security Engineer

We are seeking a highly skilled Information Systems Security Engineer (ISSE) to design, implement, and maintain security controls across enterprise systems and networks. This role ensures systems are compliant with security requirements while supporting mission-critical operations. The ISSE will work closely with system owners, engineers, and cybersecurity teams to integrate security throughout the system lifecycle.

• Design, implement, and maintain security controls for information systems and networks
• Support the Risk Management Framework (RMF) lifecycle, including system categorization, control selection, implementation, assessment, and authorization
• Conduct security assessments, vulnerability scans, and risk analysis
• Develop and maintain system security documentation (SSP, POA&M, SAR, etc.)
• Ensure systems comply with NIST, RMF, and organizational security policies
• Collaborate with ISSOs, system administrators, and developers to remediate vulnerabilities
• Support continuous monitoring and incident response activities
• Implement and manage security tools (SIEM, IDS/IPS, endpoint protection, etc.)
• Provide technical guidance on secure system architecture and design
• Stay current on emerging threats, vulnerabilities, and security technologies

• Active TS/SCI with Polygraph required.
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience)
• 5+ years of experience in information security, with focus on system security engineering
• Hands-on experience with RMF and NIST 800-53 controls
• Experience developing and maintaining A&A documentation (SSP, POA&M, ATO packages)
• Knowledge of operating systems (Windows, Linux) and network security principles
• Experience with vulnerability scanning tools (ACAS, Nessus, or similar)
• Familiarity with security tools such as SIEM, firewalls, and endpoint protection
• Understanding of encryption, identity management, and access control mechanisms