Job Requirements
Reston, VA
Top Secret/SCI Polygraph
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Senior Information Systems Security Engineer
TS/SCI with polygraph
Reston, VA
Company Overview:
Cornerstone Defense is the Employer of Choice within the Intelligence, Defense, and Space communities of the U.S. Government. Realizing early on that our most prized assets are our employees, we continually focus our attention on improving the overall work/life experience they have supporting the mission. Our Team is pushed every day to use their industry leading knowledge to provide end-to-end solutions to combat our nation's toughest and most secure problems. If you are looking for a place to not only be professionally challenged, but encouraged and supported by a company that cares, don't look any further than Cornerstone Defense.
Benefits Overview :
Cornerstone Defense offers a very comprehensive benefits package including, but not limited to: Medical, Dental and Vision Plans * Generous PTO Policy * 401(k) * HSA and FSA options * Life and Disability Insurance * Tuition Reimbursement and Training * Perks at Work Discount Program * Referral Program * Leads Generation Program * CollegeAmerica 529 * Fitness Reimbursement Program * Travel Assistance * Norton Lifelock Benefit Solutions * Life Planning Financial & Legal Services *
We are seeking a highly skilled, hands-on Senior Information Systems Security Engineer (ISSE) to secure mission-critical systems across hybrid, cloud, and air-gapped environments. The ideal candidate brings deep technical expertise in RMF, STIG compliance, vulnerability scanning, continuous monitoring, and secure system engineering-someone who is actively involved in building and configuring secure solutions rather than simply reviewing them. In this role, you will design, engineer, assess, and sustain security controls across complex system architectures, ensuring compliance, operational readiness, and mission resilience.
What you'll do:
• Engineer, implement, and manage security solutions (firewalls, IDS/IPS, endpoint protection, encryption)
• Perform security assessments across systems, applications, and networks
• Implement, validate, and maintain RMF NIST 800-53 controls across on-prem, cloud, and air-gapped systems
• Conduct STIG checks, hardening, and secure configuration updates for OS, applications, network devices, and cloud resources
• Run ACAS/Tenable scans, analyze vulnerabilities, and drive remediation with engineering teams
• Configure log ingestion, parsing, and data flows into SIEM platforms (Splunk), and build dashboards and alerts
• Monitor network traffic, logs, and events to detect anomalies and security threats
• Conduct incident investigations and provide technical recommendations for mitigation
• Maintain and enhance incident response plans and continuous monitoring procedures
• Engineer, configure, and modify secure system and network baselines
• Analyze and troubleshoot network protocols, packet flows, and configuration issues
• Produce RMF artifacts, POA&Ms, scan reports, dashboards, and security documentation
• Collaborate with DevSecOps, system engineering, IT, and development teams to embed security into the lifecycle
• Write user stories, define security acceptance criteria, and support regression testing
• Perform system assessments and security engineering within air-gapped and restricted networks
• Support ongoing continuous monitoring activities and security control reviews
What you'll need
• 7+ years cybersecurity/ISSE experience designing, implementing, and assessing security controls
• Strong experience with RMF, NIST 800-53, STIGs, ICD 503, FISMA, FedRAMP
• SIEM experience, including log configuration, dashboards, and analytics (Splunk preferred)
• Hands-on ACAS/Tenable vulnerability scanning and analysis
• Cloud security experience (AWS/Azure/GovCloud) in IL5-IL6 environments
• Strong understanding of network protocols, OS internals, and infrastructure security
• Skilled in incident response and forensic analysis
• Experience with tools such as Fortify, Acunetix, and Prisma Cloud
• Experience configuring/modifying secure system and network baselines
• Familiarity with agile workflows, user stories, and regression testing
• Experience working in air-gapped or disconnected environments
• Strong communication skills for both technical and non-technical audiences
• CISSP or DoD 8140-approved certification
• Active TS/SCI with CI poly
TS/SCI with polygraph
Reston, VA
Company Overview:
Cornerstone Defense is the Employer of Choice within the Intelligence, Defense, and Space communities of the U.S. Government. Realizing early on that our most prized assets are our employees, we continually focus our attention on improving the overall work/life experience they have supporting the mission. Our Team is pushed every day to use their industry leading knowledge to provide end-to-end solutions to combat our nation's toughest and most secure problems. If you are looking for a place to not only be professionally challenged, but encouraged and supported by a company that cares, don't look any further than Cornerstone Defense.
Benefits Overview :
Cornerstone Defense offers a very comprehensive benefits package including, but not limited to: Medical, Dental and Vision Plans * Generous PTO Policy * 401(k) * HSA and FSA options * Life and Disability Insurance * Tuition Reimbursement and Training * Perks at Work Discount Program * Referral Program * Leads Generation Program * CollegeAmerica 529 * Fitness Reimbursement Program * Travel Assistance * Norton Lifelock Benefit Solutions * Life Planning Financial & Legal Services *
We are seeking a highly skilled, hands-on Senior Information Systems Security Engineer (ISSE) to secure mission-critical systems across hybrid, cloud, and air-gapped environments. The ideal candidate brings deep technical expertise in RMF, STIG compliance, vulnerability scanning, continuous monitoring, and secure system engineering-someone who is actively involved in building and configuring secure solutions rather than simply reviewing them. In this role, you will design, engineer, assess, and sustain security controls across complex system architectures, ensuring compliance, operational readiness, and mission resilience.
What you'll do:
• Engineer, implement, and manage security solutions (firewalls, IDS/IPS, endpoint protection, encryption)
• Perform security assessments across systems, applications, and networks
• Implement, validate, and maintain RMF NIST 800-53 controls across on-prem, cloud, and air-gapped systems
• Conduct STIG checks, hardening, and secure configuration updates for OS, applications, network devices, and cloud resources
• Run ACAS/Tenable scans, analyze vulnerabilities, and drive remediation with engineering teams
• Configure log ingestion, parsing, and data flows into SIEM platforms (Splunk), and build dashboards and alerts
• Monitor network traffic, logs, and events to detect anomalies and security threats
• Conduct incident investigations and provide technical recommendations for mitigation
• Maintain and enhance incident response plans and continuous monitoring procedures
• Engineer, configure, and modify secure system and network baselines
• Analyze and troubleshoot network protocols, packet flows, and configuration issues
• Produce RMF artifacts, POA&Ms, scan reports, dashboards, and security documentation
• Collaborate with DevSecOps, system engineering, IT, and development teams to embed security into the lifecycle
• Write user stories, define security acceptance criteria, and support regression testing
• Perform system assessments and security engineering within air-gapped and restricted networks
• Support ongoing continuous monitoring activities and security control reviews
What you'll need
• 7+ years cybersecurity/ISSE experience designing, implementing, and assessing security controls
• Strong experience with RMF, NIST 800-53, STIGs, ICD 503, FISMA, FedRAMP
• SIEM experience, including log configuration, dashboards, and analytics (Splunk preferred)
• Hands-on ACAS/Tenable vulnerability scanning and analysis
• Cloud security experience (AWS/Azure/GovCloud) in IL5-IL6 environments
• Strong understanding of network protocols, OS internals, and infrastructure security
• Skilled in incident response and forensic analysis
• Experience with tools such as Fortify, Acunetix, and Prisma Cloud
• Experience configuring/modifying secure system and network baselines
• Familiarity with agile workflows, user stories, and regression testing
• Experience working in air-gapped or disconnected environments
• Strong communication skills for both technical and non-technical audiences
• CISSP or DoD 8140-approved certification
• Active TS/SCI with CI poly
group id: 90751604
