CT Information Systems Security Engineer
PLEASE NOTE: This position requires an ACTIVE Top Secret/SCI Clearance. To be considered for this position, you MUST have an ACTIVE Clearance Level of Top Secret/SCI.

Position Code: 07-SC0326-1
Location: Tysons or Warrenton

JOB DESCRIPTION:
The ISSE will lead and execute security engineering activities across complex, enterprise-scale environments. This role requires deep technical expertise across infrastructure, platforms, and applications, combined with expert-level, hands-on experience implementing the NIST Risk Management Framework (RMF) within federal government environments. The ideal candidate is a technical practitioner, not just an advisor – someone who can design, implement, assess, and secure systems end-to-end while directly supporting system authorization, continuous monitoring, and risk-based decision-making. This role also serves as the technical focal point for all security incidents, leading triage, investigation, and resolution efforts in coordination with program and enterprise security teams.

QUALIFICATIONS:
- Bachelor’s Degree in Computer Science, IT, or a related technical discipline, or the equivalent combination of education, technical training, or work/military experience
- Minimum ten (10) years of related cyber security engineering experience

REQUIRED KNOWLEDGE/SKILLS:
- Proven hands-on Cyber Security Engineer SME, not policy-only or audit-only
- Comfortable working across network, system, platform, and application layers
- Deep understanding of how security controls are actually implemented and validated
- Experience in federal RMF-driven environments
- Able to bridge security, engineering, and compliance effectively
- Experienced in managing security incidents from detection through resolution
- Skilled at balancing immediate incident response needs with long-term security improvements
- Effective collaborator across organizational boundaries during high-pressure security events
- Operate independently as the technical authority for system security engineering
- Demonstrate the ability to provide technical hands-on configuration, validation, and assessment of security controls
- Translate RMF and NIST requirements into real-world technical implementations
- Communicate complex technical security issues clearly to both technical and non-technical stakeholders
- Maintain a strong balance between security compliance and operational practicality
- Lead rapid response to security incidents with minimal guidance
- Demonstrate strong analytical and troubleshooting skills under pressure during active security events
- Effectively communicate incident status, impact, and remediation progress to technical and leadership audiences

Security & Compliance
- Expert-level experience with NIST Risk Management Framework (RMF) in federal government environments
- Strong knowledge of:
  - NIST SP 800-53
  - NIST SP 800-37
  - NIST SP 800-30
- Direct involvement in ATO packages, control implementation, and assessments
- Hands-on experience with Security Information and Event Management (SIEM) platforms (e.g., Splunk, ELK Stack, ArcSight, QRadar)
- Demonstrated experience in security incident detection, analysis, and response
- Proven ability to triage security alerts and determine criticality and impact

Infrastructure & Platforms (Hands-On)
- Networking (e.g., routing, switching, firewalls, load balancers, network security controls)
- Operating Systems:
  - Windows Server
  - Linux (RHEL, CentOS)
- Virtualization and storage platforms
- Databases (SQL and/or NoSQL)
- Data platforms (e.g., HPCC, Hadoop/Cloudera)
- Web services, APIs, and application architectures
- Software development environments and CI/CD pipelines
- Security tooling (e.g., vulnerability scanners, endpoint protection, SIEM)

Engineering Experience
- Security engineering and system hardening
- Vulnerability discovery and remediation
- Secure system design and architecture reviews
- Technical documentation supporting RMF compliance
- Experience in cloud environments (AWS, Azure, GCP, CI) within federal RMF contexts
- Experience with DevSecOps practices

DESIRED SKILLS:
- Hands-on experience with containerization and orchestration (Docker, Kubernetes)
- Hands-on experience with infrastructure-as-code
- Knowledge of federal overlays (e.g., DoD, FISMA High/Moderate)
- Relevant certifications (preferred, not required):
  - CISSP
  - CAP
  - CISM
  - Security+
  - Cloud Security
  - Certified Ethical Hacker
- Experience with guiding and directing junior engineers and information systems security officer (ISSO)
- Experience with security orchestration, automation, and response (SOAR) platforms
- Background in threat hunting and proactive security monitoring
- Relevant incident response certifications

KEY RESPONSIBILITIES:
- Serve as the Cyber Security Engineer SME, providing hands-on security engineering across all system layers (infrastructure, platform, and application)
- Engineer, implement, and validate security controls in accordance with NIST SP 800-53 and RMF requirements
- Lead and support RMF lifecycle activities (Categorize, Select, Implement, Assess, Authorize, Monitor)
- Perform security engineering for:
  - Network architectures and boundary protections
  - Windows and Linux operating systems
  - Storage and virtualization platforms
  - Databases and data platforms
  - Web services, APIs, and application stacks
  - Custom and COTS/GOTS software solutions
- Provide technical input to RMF artifacts, including:
  - System Security Plans (SSP)
  - Security Control Assessments (SCA) support
  - POA&Ms
  - Risk assessments and security impact analyses
- Collaborate with system owners, architects, developers, and operations teams to embed security into system design and implementation
- Support ATO, re-authorization, and continuous monitoring activities
- Identify security risks and provide practical, technically sound mitigation strategies
- Participate in security reviews, technical design reviews, and vulnerability remediation efforts
- Serve as technical point of contact for all security incidents affecting the program
- Lead triage and analysis of new security alerts from SIEM, IDS/IPS, and other security monitoring tools
- Drive remediation efforts for recurring security alerts, identifying root causes and implementing systemic fixes
- Coordinate incident response activities between program stakeholders and enterprise security operations
- Act as primary liaison between program teams and enterprise security for incident escalation, resolution, and reporting
- Perform forensic analysis and technical investigations of security events
- Document security incidents, response actions, and lessons learned
- Develop and maintain runbooks and playbooks for common security incident types