Information Systems Security Engineer, Senior (ISSE)

Overview

The Information Systems Security Engineer, Senior (ISSE) plays a critical role in implementing, maintaining, and advancing security engineering practices to safeguard the information systems and services. This role collaborates with stakeholders across multiple teams to ensure that security features align with federal, and NIST Risk Management Framework (RMF) standards. The ISSE ensures the confidentiality, integrity, and availability of the CJIS Division's information systems, driving compliance with security policies throughout system lifecycles. This role directly supports the mission to maintain secure information sharing between the CJIS Division and its customers.

This position performs all duties and responsibilities in accordance with the Mission, Vision, and Core Values of Cayuse.

Responsibilities

The Senior Information Systems Security Engineer (ISSE) will be responsible for the following:

• Oversee the implementation of FBI security policies and support ongoing Security Assessment and Authorization (SAA) efforts.
• Collaborate with business lines and ITMS value streams to determine security authorization boundaries in alignment with NIST RMF standards.
• Ensure that new or modified systems meet stringent security requirements throughout their life cycle.
• Perform regular security risk assessments, vulnerability scans, and penetration testing on systems.
• Conduct functional testing of system components to validate adherence to federal security policies and requirements.
• Support CJIS Security Assessment Services (CSAS) by leveraging advanced cybersecurity tools and techniques to monitor threats and address vulnerabilities.
• Assist in the development of security architecture frameworks for new capabilities and modifications to existing systems.
• Identify security mechanisms and allocate controls across system elements, ensuring secure system design while optimizing performance.
• Support CJIS incident response initiatives, including managing the Vulnerability Assessment Lab (VAL).
• Develop and implement precautionary measures to prevent malicious attacks or activities across critical systems.
• Assist with the installation, configuration, and maintenance of security-specific operating systems, tools, and applications.
• Ensure system security measures, such as logging, multi-factor authentication, endpoint detection, and encryption, are fully operational and updated.
• Provide technical presentations, briefings, and knowledge transfers to team members and stakeholders.
• Develop and deliver security assessment reports, risk analyses, and status updates to stakeholders.
• Support the preparation of Security System Plans (SSPs), audit logs, and other compliance documentation.
• Use industry-standard tools, including Splunk, Tenable Security Center, BigFix, Atlassian JIRA/Confluence, and Red Hat Advanced Cluster Security for Kubernetes, to monitor, detect and respond to threats.
• Other duties as assigned.

Qualifications

• Master's degree in Computer Science, Information Systems, Cybersecurity, or a related field.
• A minimum of 10 years of experience in information systems security engineering or related technical roles.
• Proven work experience in NIST RMF standards, federal compliance standards, and cloud security engineering.
• Expertise in secure system design, security assessments, penetration testing, and risk mitigation strategies.
• Proficiency in using advanced monitoring and security tools, such as Splunk, Tenable, and BigFix.
• Certified Information Systems Security Professional (CISSP) certification required.
• Cloud certification preferred (e.g., AWS or Microsoft Azure-specific certifications).
• Active Top Secret security clearance.
• Must be able to pass a background check. May require additional background checks as required by projects and/or clients at any time during employment.

Minimum Skills Required:

• Must possess problem-solving skills.
• Exceptional communication skills, both oral and written
• Ability to respond effectively to customers with a sense of urgency.
• Proficient in Microsoft and Adobe toolsets, including Excel, Word, PowerPoint, Acrobat, etc.
• Highly motivated with the ability to handle and manage multiple tasks at any one time.
• Ability to forge new relationships, individual and teaming in nature.
• Must be a Self-starter, that can work independently and as part of a team.

Desired Qualifications:

• Certified Ethical Hacker (CEH)
• AWS or Azure Cloud Security certifications
• Scaled Agile Framework (SAFe) certifications
• Comprehensive knowledge of Continuous Integration/Continuous Delivery (CI/CD) pipelines, virtualization, and automation.
• Expert-level understanding of Scaled Agile Framework (SAFe) environments and DevSecOps practices.
• Proficiency in coding and scripting languages (e.g., Python, Java, PowerShell).
• Extensive hands-on experience with secure cloud technologies, including AWS and Microsoft Azure.

Other Duties: Please note this job description is not designed to cover or contain a comprehensive list of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Cayuse is an Equal Opportunity Employer. All employment decisions are based on merit, qualifications, skills, and abilities. All qualified applicants will receive consideration for employment in accordance with any applicable federal, state, or local law.

Pay Range

USD $160,000.00 - USD $200,000.00 /Yr.