Information system security engineer

Security Clearance

• Must be a U.S. Citizen
• Active TS/SCI clearance required
• Must have the ability to obtain a CI Polygraph

Education and Experience

• Bachelor's Degree in Computer Science, Information Technology, or a related field
  (or 10+ years of equivalent relevant experience)

Position Summary

Seeking an experienced Information System Security Engineer (ISSE) responsible for bridging the gap between high-level cybersecurity policies and their technical and operational implementation within DoD/IC environments.

The ISSE will:

• Collaborate closely with the Information System Security Manager (ISSM) and Program Manager
• Guide program and development teams through ICD-503 RMF accreditation
• Support system compliance, cybersecurity implementation, documentation, and continuous monitoring efforts
• Be part of a broader team managing hundreds of Linux-based virtual and bare-metal systems, with responsibilities including automation, DNS, FreeIPA, email, Jira, Elastic Stack, VMware, Veeam, and more
• Assume responsibility for A&A activities, patching, vulnerability scanning, configuration management, audit logging, and RMF documentation

Required Skills

• Extensive IA/InfoSec experience with IC systems, including:
  
  • Security CONOPS
  • SSPs
  • Security control assessments
  • Contingency/incident response/configuration management plans
  • POA&Ms
  • Vulnerability and compliance scanning and documentation
• Strong expertise in ICD-503 Certification & Accreditation (C&A) processes and documentation
• Experience with:
  
  • Security engineering, systems engineering, and network security architecture
  • Security principles and tools (e.g., firewalls, DMZs, encryption)
• Familiarity with RMF frameworks such as NIST SP 800-37, CNSS, and other compliance standards
• Experience supporting continuous monitoring using tools such as:
  
  • NESSUS, NMAP, Rapid7, WebInspect, AppDetective, Nipper
• Advanced problem-solving and analytical skills
• Experience assisting in A&A test and evaluation
• Ability to evaluate and advise on proposed security architectures and designs
• Strong collaboration and communication skills with program and development teams
• Security Certification: Security+ or CISSP

Desired Skills

• Experience with:
  
  • Red Hat Linux/Unix and Windows environments
  • RHCSE or equivalent certification
  • 5+ years as Linux system engineer/admin
• Cisco Certifications: CCNA, CCNA Security or equivalent
• Scripting in Linux/Unix for administration and file management
• Automation tools: Puppet, Ansible, Foreman
• ITSM platforms: SNOW, ServiceNow
• Source control tools: Git, GitLab, CVS, SVN
• Log aggregation for auditing from various sources (OS, network devices, applications)
• PKI, SSH, SSSD, HTTPD configuration and troubleshooting
• Cloud technologies: AWS or others
• Experience with:
  
  • IBM GPFS SAN storage
  • Bootstrapping HPE servers and configuring iLO and storage
  • Grafana, VMware vSAN, vCenter, Veeam
  • Databases: Oracle, MySQL
• Excellent writing skills for both technical and executive audiences