Information System Security Engineer

Who We’re Looking For (Position Overview):Spry Methods is seeking an Information Systems Security Engineer (ISSE) to support secure, mission-focused information systems in a high-impact government environment. The ISSE will contribute to the design, implementation, and maintenance of cybersecurity controls across enterprise and mission systems, working closely with engineering, operations, and security teams to ensure systems meet federal cybersecurity and authorization requirements.What Your Day-To-Day Looks Like (Position Responsibilities):Support the identification of information protection needs and security requirements for information systems and network environmentsContribute to the design and implementation of security architectures and security controls across system componentsAssist with security engineering activities throughout the system lifecycle, including requirements, design, implementation, testing, and operationsSupport the implementation of security measures that ensure confidentiality, integrity, availability, authentication, and non-repudiationParticipate in Risk Management Framework (RMF) activities, including security control implementation, assessment support, and continuous monitoringDevelop and maintain security documentation such as System Security Plans (SSPs), security control artifacts, POA&Ms, and ATO packagesAssist in assessing the security impact of system changes, enhancements, and architectural modificationsSupport vulnerability management efforts, including reviewing scan results and coordinating remediation actionsCollaborate with system engineers, network engineers, developers, and security stakeholders to support authorization activitiesWhat You Need to Succeed (Minimum Requirements):Top Secret (TS) Clearance with SCI eligibility3 - 5 years of demonstrated experience supporting cybersecurity or information assurance activities within enterprise or mission systemsWorking knowledge of the NIST Risk Management Framework (RMF), FISMA and ATO processesFamiliarity with common security assessment, vulnerability scanning, and monitoring tools (e.g., Nessus, NMAP, Guardium, WebInspect, or similar)Understanding of system and network security principles, including access control, boundary protection, and secure system designExperience supporting cloud security in environments such as AWS GovCloud, C2S, SC2S, and Microsoft AzureAnalyze logs using Splunk and AWS toolsAbility to document security controls and communicate technical information clearanceHands-on experience with vulnerability assessment and configuration tools such as Nessus, ACSA, and SplunkIdeally, You Also Have (Preferred Qualifications):Certifications: CISSP, CISM, CASP+ CECAP, Security+, AWS Certified Security - Specialty, or other relevant certificationsExperience in a high-side or multi-enclave (U/S/TS) environmentExperience working with Agile development teams and CI/CD pipelinesFamiliarity with NIST 800-53 Rev. 5We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.