Posted today
Public Trust
Senior Level Career (10+ yrs experience)
$175,000 - $185,000
IT - Security
We are seeking a Lead Information Systems Security Engineer (ISSE) to provide technical leadership and hands-on security engineering support for federal cloud and enterprise systems. This role focuses on securing cloud-based architectures, integrating security across the system lifecycle, and supporting Information System Security Officers (ISSOs) with authorization and accreditation activities.
5 years New Award
Bachelor’s Degree in Information Technology or Engineering
Hybrid 3 days Onsite 2 days from Home
Location: 1155 21st Street, NW, Washington, D.C.
Clearance: Must be a US Citizen Active Public Trust Required- (Cannot Hold Clearance)
________________________________________
Responsibilities
• Lead the design and implementation of secure IT and cloud solutions in Microsoft Azure and Amazon Web Services (AWS)
• Integrate security requirements throughout the system development lifecycle, including application development and deployment pipelines
• Design and assess secure system and cloud architectures, including Azure VNets, NSGs, Azure Firewall, Private Endpoints, and AWS VPCs, subnets, route tables, security groups, and network ACLs
• Provide technical and engineering support to ISSOs performing RMF and A&A activities
• Conduct security impact assessments for system, architecture, application, and configuration changes
• Perform threat modeling to identify, analyze, and mitigate risks associated with application and infrastructure design changes
• Execute Supply Chain Risk Management (SCRM) activities aligned with NIST SP 800-161
• Evaluate SaaS, applications, and government solutions for compliance with NIST, FedRAMP, and federal security requirements
• Apply application security best practices, including secure coding principles, dependency management, and vulnerability remediation
• Support DevSecOps practices by integrating security controls, scanning, and monitoring into CI/CD pipelines
• Apply security best practices to Kubernetes, containers, and Infrastructure as Code (Terraform)
• Collaborate with SOC teams to verify log capture, security monitoring, access control enforcement, and ongoing alerting within defined RMF authorization boundaries
• Contribute to security architecture documentation, technical standards, and risk-based recommendations
• Mentor junior team members and provide technical guidance
________________________________________
Qualifications
• Bachelor’s degree in Cybersecurity, IT, Engineering, or related field
• 8+ years of cybersecurity or ISSE experience
• Strong networking experience, including TCP/IP, routing and switching, firewalls, VPNs, load balancing, and cloud networking
• Demonstrated experience with Azure and AWS networking services
• Experience with application security and DevSecOps in cloud-based environments
• Strong knowledge of NIST RMF, FedRAMP, NIST SP 800-161, and Common Criteria
• Experience conducting security impact assessments and threat modeling
• Experience with Kubernetes, containers, and Infrastructure as Code preferred
• Experience collaborating with SOC teams for continuous monitoring and alerting
• Strong communication and leadership skills
________________________________________
Preferred Certifications
• CISSP or equivalent cybersecurity certification or equivalent
5 years New Award
Bachelor’s Degree in Information Technology or Engineering
Hybrid 3 days Onsite 2 days from Home
Location: 1155 21st Street, NW, Washington, D.C.
Clearance: Must be a US Citizen Active Public Trust Required- (Cannot Hold Clearance)
________________________________________
Responsibilities
• Lead the design and implementation of secure IT and cloud solutions in Microsoft Azure and Amazon Web Services (AWS)
• Integrate security requirements throughout the system development lifecycle, including application development and deployment pipelines
• Design and assess secure system and cloud architectures, including Azure VNets, NSGs, Azure Firewall, Private Endpoints, and AWS VPCs, subnets, route tables, security groups, and network ACLs
• Provide technical and engineering support to ISSOs performing RMF and A&A activities
• Conduct security impact assessments for system, architecture, application, and configuration changes
• Perform threat modeling to identify, analyze, and mitigate risks associated with application and infrastructure design changes
• Execute Supply Chain Risk Management (SCRM) activities aligned with NIST SP 800-161
• Evaluate SaaS, applications, and government solutions for compliance with NIST, FedRAMP, and federal security requirements
• Apply application security best practices, including secure coding principles, dependency management, and vulnerability remediation
• Support DevSecOps practices by integrating security controls, scanning, and monitoring into CI/CD pipelines
• Apply security best practices to Kubernetes, containers, and Infrastructure as Code (Terraform)
• Collaborate with SOC teams to verify log capture, security monitoring, access control enforcement, and ongoing alerting within defined RMF authorization boundaries
• Contribute to security architecture documentation, technical standards, and risk-based recommendations
• Mentor junior team members and provide technical guidance
________________________________________
Qualifications
• Bachelor’s degree in Cybersecurity, IT, Engineering, or related field
• 8+ years of cybersecurity or ISSE experience
• Strong networking experience, including TCP/IP, routing and switching, firewalls, VPNs, load balancing, and cloud networking
• Demonstrated experience with Azure and AWS networking services
• Experience with application security and DevSecOps in cloud-based environments
• Strong knowledge of NIST RMF, FedRAMP, NIST SP 800-161, and Common Criteria
• Experience conducting security impact assessments and threat modeling
• Experience with Kubernetes, containers, and Infrastructure as Code preferred
• Experience collaborating with SOC teams for continuous monitoring and alerting
• Strong communication and leadership skills
________________________________________
Preferred Certifications
• CISSP or equivalent cybersecurity certification or equivalent
group id: 10191027
