Posted today
Top Secret/SCI
Mid Level Career (5+ yrs experience)
$100,000 - $215,000
100%
Full Scope Polygraph
IT - Security
Dulles, VA (On-Site/Office)
About Q-Code Technologies
At Q-Code Technologies, We strive to provide our clients with quality, accuracy, and a
commitment to enhancing their bottom line. We’re able to deliver an exceptional product
because Q-Code employees are passionate and proud of the work they do, never sacrificing
excellence for a cut corner. Our organization was founded on creating innovative products,
custom solutions, and technical proficiency while understanding our client’s need for
confidentiality and expediency.
As important to us as our clients’ satisfaction is our employees’ professional and personal
well-being. Every member of our team is vital to our success, and we encourage longevity by
not only offering exciting, challenging, and pioneering professional opportunities, but also a
compensation and benefits package that affects positive and lasting change in the lives of our
staff.
Q-Code Technologies is searching for experienced ISSE’s in the Northern Virginia area who
possess the required Security Clearance.
If you’re looking for a Full-Time opportunity within the IT arena with an employer who is willing to
invest in your personal, professional, and financial future, please apply today for immediate
consideration.
**An ACTIVE TS/SCI Security Clearance and Full-Scope Polygraph are required for this role**
What We Offer
- $100,000 - $215,000 salary, depending on experience
- 4 weeks of Paid Time Off & 10 Paid Federal Holidays
- Tuition Assistance/Skills Training or Student Loan Repayment
- 3% 401K Matching
,- 100% Paid Premiums for Medical Coverage (Employee & Family)
- 100% Paid Premiums for Vision & Dental for (Employee & Family)
- 100% Paid Employee Assistance Program
- Life Insurance, Short- & Long-Term Disability
- Employee Referral Program ($5,000 for each successful referral)
- Flexible Spending Account Available
Overview
The Information System Security Engineer (ISSE) provides technical, programmatic, and
Assessment & Authorization (A&A) support across complex systems and environments. This
role ensures the development, implementation, and maintenance of robust information security
policies, requirements, and procedures throughout the organization’s business processes. The
ISSE works closely with engineering, system administration, and cybersecurity teams to design,
implement, validate, and maintain secure system architectures aligned with the Risk
Management Framework (RMF) and customer-specific compliance requirements.
Responsibilities
Security Engineering & Architecture
- Define information security requirements and integrate them into information systems
and technology components through purposeful and compliant security design.
- Develop and implement security designs ensuring hardware, operating systems, and
software applications meet cybersecurity requirements and Security Controls
Traceability Matrix (SCTM) needs.
- Provide information assurance support for the development and implementation of
secure system architectures that meet evolving security requirements.
- Identify points of vulnerability, non-compliance with Information Assurance (IA)
standards, and recommend mitigation strategies.
- Recommend enhancements to strengthen cybersecurity posture.
Assessment & Authorization (A&A)
- Review documentation using established guidelines such as RMF and ensure
applications are fully prepared for A&A evaluation.
- Support the development and refinement of A&A documentation including System
Security Plans (SSPs), Contingency Plans (CPs), Security Test Procedures (STPs), and
Plans of Actions and Milestones (PO&AMs).
- Support security authorization activities in accordance with NIST RMF, CNSSI 1253, and
customer-specific certification and accreditation processes.
- Assist architects and systems developers in implementing appropriate information
security functionality and consistent policy application.
Security Implementation & Compliance
- Implement and validate Security Technical Implementation Guide (STIG) requirements
and/or perform SRG assessments across development and implementation projects.
- Conduct self-assessments and validate security control implementations to ensure
proper data access enforcement and network flow restrictions.
- Execute continuous monitoring activities including responding to data calls, scan
requests, and weekly/monthly security metrics reporting requirements.
Vulnerability Management & Threat Analysis
- Conduct risk analysis by reviewing ACAS scans, CVEs, plugins, CWEs, and collaborate
with system administrators to mitigate vulnerabilities.
- Author and maintain PO&AMs as required.
- Participate in incident handling, configuration control, contingency planning, change
management, auditing, and risk management activities.
Tools & Automation
- Develop, customize, and configure Splunk applications and dashboards.
- Leverage Green Light and other customer accreditation tools for A&A processes.
- Support SRG/STIG implementation and validation efforts across system lifecycles.
Collaboration & Reporting
- Participate in Agile planning events and provide technical input throughout development
cycles.
- Support government activities and report to appropriate IC and DoD authorities (e.g.,
USCYBERCOM, IC-SCC).
- Work collaboratively across teams and manage multiple concurrent projects.
- Communicate effectively with Security Officers, technical teams, and leadership.
Required Qualifications
- TS/SCI with Polygraph (active)
- BA/BS + 8 years of experience, or Master’s + 6 years; additional 4 years of experience
may substitute for a degree
- Demonstrated experience with the customer’s Assessment & Authorization (A&A)
process
- Experience with accreditation tools, including Green Light
- Strong understanding of customer cybersecurity policies and compliance requirements
- Proven ability to develop A&A documentation and contribute to security architecture
development
- Strong communication skills and the ability to work across interdisciplinary teams
- Experience operating in high-security environments with Security Officers and technical
staff
- Strong understanding of cybersecurity principles, including:
○ Confidentiality, integrity, availability, access control
○ Authentication, authorization, auditing
○ Secure engineering life cycles
○ Cryptography (COTS/GOTS), intrusion detection, domain separation
Q-Code Technologies offers Equal Employment Opportunities (EEO) to all employees and job
applicants without regard to race, color, religion, sex, national origin, age, disability, veteran
status, or genetics. We comply with federal, state, and local laws regarding employment
nondiscrimination in all our facilities. This policy applies to all terms and conditions of
employment, including recruiting, hiring, placement, promotion, termination, layoff, recall,
transfer, leaves of absence, compensation, and training.
At Q-Code Technologies, We strive to provide our clients with quality, accuracy, and a
commitment to enhancing their bottom line. We’re able to deliver an exceptional product
because Q-Code employees are passionate and proud of the work they do, never sacrificing
excellence for a cut corner. Our organization was founded on creating innovative products,
custom solutions, and technical proficiency while understanding our client’s need for
confidentiality and expediency.
As important to us as our clients’ satisfaction is our employees’ professional and personal
well-being. Every member of our team is vital to our success, and we encourage longevity by
not only offering exciting, challenging, and pioneering professional opportunities, but also a
compensation and benefits package that affects positive and lasting change in the lives of our
staff.
Q-Code Technologies is searching for experienced ISSE’s in the Northern Virginia area who
possess the required Security Clearance.
If you’re looking for a Full-Time opportunity within the IT arena with an employer who is willing to
invest in your personal, professional, and financial future, please apply today for immediate
consideration.
**An ACTIVE TS/SCI Security Clearance and Full-Scope Polygraph are required for this role**
What We Offer
- $100,000 - $215,000 salary, depending on experience
- 4 weeks of Paid Time Off & 10 Paid Federal Holidays
- Tuition Assistance/Skills Training or Student Loan Repayment
- 3% 401K Matching
,- 100% Paid Premiums for Medical Coverage (Employee & Family)
- 100% Paid Premiums for Vision & Dental for (Employee & Family)
- 100% Paid Employee Assistance Program
- Life Insurance, Short- & Long-Term Disability
- Employee Referral Program ($5,000 for each successful referral)
- Flexible Spending Account Available
Overview
The Information System Security Engineer (ISSE) provides technical, programmatic, and
Assessment & Authorization (A&A) support across complex systems and environments. This
role ensures the development, implementation, and maintenance of robust information security
policies, requirements, and procedures throughout the organization’s business processes. The
ISSE works closely with engineering, system administration, and cybersecurity teams to design,
implement, validate, and maintain secure system architectures aligned with the Risk
Management Framework (RMF) and customer-specific compliance requirements.
Responsibilities
Security Engineering & Architecture
- Define information security requirements and integrate them into information systems
and technology components through purposeful and compliant security design.
- Develop and implement security designs ensuring hardware, operating systems, and
software applications meet cybersecurity requirements and Security Controls
Traceability Matrix (SCTM) needs.
- Provide information assurance support for the development and implementation of
secure system architectures that meet evolving security requirements.
- Identify points of vulnerability, non-compliance with Information Assurance (IA)
standards, and recommend mitigation strategies.
- Recommend enhancements to strengthen cybersecurity posture.
Assessment & Authorization (A&A)
- Review documentation using established guidelines such as RMF and ensure
applications are fully prepared for A&A evaluation.
- Support the development and refinement of A&A documentation including System
Security Plans (SSPs), Contingency Plans (CPs), Security Test Procedures (STPs), and
Plans of Actions and Milestones (PO&AMs).
- Support security authorization activities in accordance with NIST RMF, CNSSI 1253, and
customer-specific certification and accreditation processes.
- Assist architects and systems developers in implementing appropriate information
security functionality and consistent policy application.
Security Implementation & Compliance
- Implement and validate Security Technical Implementation Guide (STIG) requirements
and/or perform SRG assessments across development and implementation projects.
- Conduct self-assessments and validate security control implementations to ensure
proper data access enforcement and network flow restrictions.
- Execute continuous monitoring activities including responding to data calls, scan
requests, and weekly/monthly security metrics reporting requirements.
Vulnerability Management & Threat Analysis
- Conduct risk analysis by reviewing ACAS scans, CVEs, plugins, CWEs, and collaborate
with system administrators to mitigate vulnerabilities.
- Author and maintain PO&AMs as required.
- Participate in incident handling, configuration control, contingency planning, change
management, auditing, and risk management activities.
Tools & Automation
- Develop, customize, and configure Splunk applications and dashboards.
- Leverage Green Light and other customer accreditation tools for A&A processes.
- Support SRG/STIG implementation and validation efforts across system lifecycles.
Collaboration & Reporting
- Participate in Agile planning events and provide technical input throughout development
cycles.
- Support government activities and report to appropriate IC and DoD authorities (e.g.,
USCYBERCOM, IC-SCC).
- Work collaboratively across teams and manage multiple concurrent projects.
- Communicate effectively with Security Officers, technical teams, and leadership.
Required Qualifications
- TS/SCI with Polygraph (active)
- BA/BS + 8 years of experience, or Master’s + 6 years; additional 4 years of experience
may substitute for a degree
- Demonstrated experience with the customer’s Assessment & Authorization (A&A)
process
- Experience with accreditation tools, including Green Light
- Strong understanding of customer cybersecurity policies and compliance requirements
- Proven ability to develop A&A documentation and contribute to security architecture
development
- Strong communication skills and the ability to work across interdisciplinary teams
- Experience operating in high-security environments with Security Officers and technical
staff
- Strong understanding of cybersecurity principles, including:
○ Confidentiality, integrity, availability, access control
○ Authentication, authorization, auditing
○ Secure engineering life cycles
○ Cryptography (COTS/GOTS), intrusion detection, domain separation
Q-Code Technologies offers Equal Employment Opportunities (EEO) to all employees and job
applicants without regard to race, color, religion, sex, national origin, age, disability, veteran
status, or genetics. We comply with federal, state, and local laws regarding employment
nondiscrimination in all our facilities. This policy applies to all terms and conditions of
employment, including recruiting, hiring, placement, promotion, termination, layoff, recall,
transfer, leaves of absence, compensation, and training.
group id: 91124263
