Job Requirements
Washington, DC
Top Secret Polygraph not specified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Tygart Technology is seeking a Senior Information System Security Engineer (ISSE) with a strong software development focus to help build and secure modern applications. In this role, you’ll work closely with developers, architects, and security teams to integrate security throughout the software development lifecycle (SDLC), ensuring systems are secure by design,not just after deployment.
You’ll lead efforts in DevSecOps, secure coding practices, and application security, while ensuring compliance with frameworks such as NIST, RMF, and DoD standards. This position is key to bridging the gap between cybersecurity requirements and real-world software engineering.
Key Responsibilities
Lead and mentor a team implementing the full RMF lifecycle across client systems
Oversee planning efforts, ensuring clear ownership, roles, and risk management strategies
Guide system categorization based on mission impact and regulatory requirements
Direct the selection, tailoring, and documentation of security controls
Oversee implementation of technical, operational, and management controls across system and application lifecycles
Analyze vulnerability scan results and provide actionable mitigation recommendations
Ensure security control assessments are properly planned, executed, and documented
Prepare risk management documentation to support system authorization decisions
Lead continuous monitoring and ongoing assessment activities to maintain compliance
Serve as a senior cybersecurity advisor supporting risk analysis, incident response, remediation, and audits
Promote security awareness through training and collaboration with technical teams
Track and communicate security risks, status, and improvements to leadership
Software & DevSecOps Focus:
Integrate security into the SDLC and DevSecOps pipelines
Support architecture reviews and system design risk assessments
Promote and enforce secure coding practices
Conduct and support threat modeling activities
Assess and secure CI/CD pipelines and Infrastructure-as-Code (IaC) implementations
Collaborate closely with developers and engineers to identify and mitigate risks early in development
Qualifications
Active Top Secret clearance
Bachelor’s degree in Computer Science, Cybersecurity, or related field
A minimum of 8 years of relevant experience in cybersecurity or information assurance
Experience with tools such as Tenable Nessus, SecurityCenter, IBM Guardium, Nmap, or similar
One or more of the following certifications:
Certified Information Systems Security Professional (CISSP) (or Associate)
CompTIA Advanced Security Practitioner (CASP)
Certified Secure Software Lifecycle Professional (CSSLP)
CISSP- Information System Security Engineering Professional (ISSEP)
CISSP- Information System Security Architecture Professional (ISSAP)
Experience leading cross-functional cybersecurity and engineering teams
Strong program management experience, including budgeting, reporting, and team oversight
Hands-on experience applying NIST RMF in enterprise or government environments
Experience developing security documentation (SOPs, compliance artifacts, QA programs)
Experience supporting federal cybersecurity initiatives and assessments
Software Security & DevSecOps Experience:
Secure SDLC and DevSecOps practices
Application security testing (SAST, DAST, SCA)
Threat modeling and secure design reviews
Experience supporting software development in DevOps environments
Familiarity with Agile development methodologies
Preferred Qualifications
Advanced degree in Computer Science, Cybersecurity, or related field
Hands-on software development experience
CISM certification
Experience with programming languages such as Python, Java, C#, .NET, or similar
You’ll lead efforts in DevSecOps, secure coding practices, and application security, while ensuring compliance with frameworks such as NIST, RMF, and DoD standards. This position is key to bridging the gap between cybersecurity requirements and real-world software engineering.
Key Responsibilities
Lead and mentor a team implementing the full RMF lifecycle across client systems
Oversee planning efforts, ensuring clear ownership, roles, and risk management strategies
Guide system categorization based on mission impact and regulatory requirements
Direct the selection, tailoring, and documentation of security controls
Oversee implementation of technical, operational, and management controls across system and application lifecycles
Analyze vulnerability scan results and provide actionable mitigation recommendations
Ensure security control assessments are properly planned, executed, and documented
Prepare risk management documentation to support system authorization decisions
Lead continuous monitoring and ongoing assessment activities to maintain compliance
Serve as a senior cybersecurity advisor supporting risk analysis, incident response, remediation, and audits
Promote security awareness through training and collaboration with technical teams
Track and communicate security risks, status, and improvements to leadership
Software & DevSecOps Focus:
Integrate security into the SDLC and DevSecOps pipelines
Support architecture reviews and system design risk assessments
Promote and enforce secure coding practices
Conduct and support threat modeling activities
Assess and secure CI/CD pipelines and Infrastructure-as-Code (IaC) implementations
Collaborate closely with developers and engineers to identify and mitigate risks early in development
Qualifications
Active Top Secret clearance
Bachelor’s degree in Computer Science, Cybersecurity, or related field
A minimum of 8 years of relevant experience in cybersecurity or information assurance
Experience with tools such as Tenable Nessus, SecurityCenter, IBM Guardium, Nmap, or similar
One or more of the following certifications:
Certified Information Systems Security Professional (CISSP) (or Associate)
CompTIA Advanced Security Practitioner (CASP)
Certified Secure Software Lifecycle Professional (CSSLP)
CISSP- Information System Security Engineering Professional (ISSEP)
CISSP- Information System Security Architecture Professional (ISSAP)
Experience leading cross-functional cybersecurity and engineering teams
Strong program management experience, including budgeting, reporting, and team oversight
Hands-on experience applying NIST RMF in enterprise or government environments
Experience developing security documentation (SOPs, compliance artifacts, QA programs)
Experience supporting federal cybersecurity initiatives and assessments
Software Security & DevSecOps Experience:
Secure SDLC and DevSecOps practices
Application security testing (SAST, DAST, SCA)
Threat modeling and secure design reviews
Experience supporting software development in DevOps environments
Familiarity with Agile development methodologies
Preferred Qualifications
Advanced degree in Computer Science, Cybersecurity, or related field
Hands-on software development experience
CISM certification
Experience with programming languages such as Python, Java, C#, .NET, or similar
group id: RTL222492