Job Requirements
Washington, DC
Top Secret Polygraph not specified
Senior Level Career (10+ yrs experience)
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Overview
NDi is seeking a highly experienced Information Systems Security Engineer (ISSE) – Subject Matter Expert (SME) to support enterprise cloud security engineering, authorization, compliance, and modernization initiatives within a complex federal cybersecurity environment.
This position serves as a senior technical authority supporting the secure design, implementation, assessment, and continuous monitoring of cloud-based and hybrid information systems. The selected candidate will provide expert-level cybersecurity engineering guidance supporting cloud adoption, security architecture, RMF implementation, vulnerability management, and enterprise modernization efforts across mission-critical systems and environments.
The ideal candidate possesses deep expertise in cloud security engineering, federal cybersecurity compliance, modern cloud architectures, and secure enterprise technology integration within highly regulated environments.
Requirements
U.S. Citizenship is required
Must possess an active Top Secret (TS) clearance at the time of application
Must have the ability to obtain and maintain a Counterintelligence (CI) Polygraph
Ability to obtain and maintain additional agency access as required
This position requires onsite support in Washington, DC
Qualifications & Experience
Education
Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, Engineering, or related technical discipline; or equivalent combination of education, training, and experience
Master’s degree preferred
Certifications
Required
Certified Information Systems Security Professional (CISSP) or
Certified Ethical Hacker (CEH)
Preferred
One or more cloud-related certifications preferred, such as:
AWS Certified Security – Specialty
AWS Solutions Architect
Microsoft Certified: Azure Security Engineer Associate
CCSP
Google Professional Cloud Security Engineer
Professional Experience
Ten (10) or more years of experience
supporting cybersecurity engineering, information assurance, or enterprise security operations
in secure design, analysis, and testing of information security systems and products
applying methods, standards, and approaches ensuring baseline security safeguards are properly implemented and documented
creating and updating security test plans for detecting and mitigating risks to information systems
Demonstrated experience supporting cloud security engineering within federal or highly regulated environments
Experience designing and implementing secure cloud and hybrid architectures
Experience supporting NIST RMF authorization and accreditation activities for cloud-based systems
Experience supporting enterprise modernization, cloud migration, and Zero Trust initiatives
Experience performing security architecture analysis, vulnerability remediation, and risk management activities
Experience supporting large-scale AWS, Azure, or hybrid cloud environments
Experience advising senior technical and executive stakeholders on cybersecurity strategy and risk
Certifications, prior experience, and demonstrated expertise may be considered in lieu of traditional years of experience requirements where applicable.
Domain Expertise
Expert understanding of:
Cloud security architecture and engineering
NIST Risk Management Framework (RMF)
FedRAMP
FISMA compliance requirements
Security authorization / ATO processes
Continuous monitoring
Zero Trust architecture
Identity and access management (IAM)
Container and Kubernetes security
DevSecOps and Infrastructure-as-Code (IaC)
Experience supporting:
Cloud security assessments
Security architecture reviews
Security control implementation and validation
Risk assessments and mitigation planning
POA&M management
Enterprise vulnerability management
Security automation and orchestration
Familiarity with:
AWS GovCloud
Azure Government
Cloud-native security tooling
SIEM and monitoring platforms
Endpoint and network security technologies
CI/CD pipeline security
Skills & Competencies
Expert-level cloud security engineering and cybersecurity expertise
Strong strategic thinking and technical leadership capability
Ability to evaluate emerging technologies and associated cybersecurity risks
Excellent written and verbal communication skills
Ability to brief senior leadership and executive stakeholders
Strong analytical, troubleshooting, and problem-solving capabilities
Ability to lead technical discussions, architecture reviews, and modernization efforts
Experience mentoring junior engineers and cybersecurity personnel
High degree of professionalism, accountability, and judgment in sensitive environments
Responsibilities
Cloud Security Engineering & Architecture
Lead security engineering efforts supporting cloud-based and hybrid enterprise environments
Design and evaluate secure cloud architectures and modernization strategies
Support implementation of cloud-native security controls and enterprise security baselines
Provide cybersecurity engineering guidance for cloud adoption, migration, and modernization initiatives
Evaluate emerging cloud technologies and recommend secure implementation approaches
RMF & Authorization Support
Lead RMF authorization and accreditation activities for cloud-based systems
Develop, review, and maintain cybersecurity documentation including:
System Security Plans (SSPs)
Security assessment documentation
POA&Ms
Risk assessments
Security architecture documentation
Mitigation strategies
Support continuous monitoring and audit readiness activities
Vulnerability & Risk Management
Identify, assess, and mitigate cybersecurity risks across cloud and hybrid environments
Support enterprise vulnerability management and remediation activities
Evaluate security impacts associated with new technologies, cloud services, and architectural changes
Coordinate with technical teams to resolve cybersecurity findings and compliance deficiencies
Technical Leadership & Stakeholder Engagement
Serve as a senior cybersecurity advisor supporting technical and operational stakeholders
Participate in architecture reviews, technical working groups, and modernization initiatives
Provide executive-level briefings, technical recommendations, and risk analysis
Mentor cybersecurity personnel and provide guidance on security engineering best practices
Support continuous improvement and enterprise cybersecurity strategy initiatives
Preferred Qualifications
Experience supporting enterprise federal cloud modernization programs
Experience supporting classified or highly regulated environments
Experience implementing Zero Trust security architectures
Familiarity with Kubernetes, container security, and serverless technologies
Experience supporting DevSecOps and automation initiatives
Experience supporting enterprise cloud governance and security compliance programs
NDi is seeking a highly experienced Information Systems Security Engineer (ISSE) – Subject Matter Expert (SME) to support enterprise cloud security engineering, authorization, compliance, and modernization initiatives within a complex federal cybersecurity environment.
This position serves as a senior technical authority supporting the secure design, implementation, assessment, and continuous monitoring of cloud-based and hybrid information systems. The selected candidate will provide expert-level cybersecurity engineering guidance supporting cloud adoption, security architecture, RMF implementation, vulnerability management, and enterprise modernization efforts across mission-critical systems and environments.
The ideal candidate possesses deep expertise in cloud security engineering, federal cybersecurity compliance, modern cloud architectures, and secure enterprise technology integration within highly regulated environments.
Requirements
U.S. Citizenship is required
Must possess an active Top Secret (TS) clearance at the time of application
Must have the ability to obtain and maintain a Counterintelligence (CI) Polygraph
Ability to obtain and maintain additional agency access as required
This position requires onsite support in Washington, DC
Qualifications & Experience
Education
Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, Engineering, or related technical discipline; or equivalent combination of education, training, and experience
Master’s degree preferred
Certifications
Required
Certified Information Systems Security Professional (CISSP) or
Certified Ethical Hacker (CEH)
Preferred
One or more cloud-related certifications preferred, such as:
AWS Certified Security – Specialty
AWS Solutions Architect
Microsoft Certified: Azure Security Engineer Associate
CCSP
Google Professional Cloud Security Engineer
Professional Experience
Ten (10) or more years of experience
supporting cybersecurity engineering, information assurance, or enterprise security operations
in secure design, analysis, and testing of information security systems and products
applying methods, standards, and approaches ensuring baseline security safeguards are properly implemented and documented
creating and updating security test plans for detecting and mitigating risks to information systems
Demonstrated experience supporting cloud security engineering within federal or highly regulated environments
Experience designing and implementing secure cloud and hybrid architectures
Experience supporting NIST RMF authorization and accreditation activities for cloud-based systems
Experience supporting enterprise modernization, cloud migration, and Zero Trust initiatives
Experience performing security architecture analysis, vulnerability remediation, and risk management activities
Experience supporting large-scale AWS, Azure, or hybrid cloud environments
Experience advising senior technical and executive stakeholders on cybersecurity strategy and risk
Certifications, prior experience, and demonstrated expertise may be considered in lieu of traditional years of experience requirements where applicable.
Domain Expertise
Expert understanding of:
Cloud security architecture and engineering
NIST Risk Management Framework (RMF)
FedRAMP
FISMA compliance requirements
Security authorization / ATO processes
Continuous monitoring
Zero Trust architecture
Identity and access management (IAM)
Container and Kubernetes security
DevSecOps and Infrastructure-as-Code (IaC)
Experience supporting:
Cloud security assessments
Security architecture reviews
Security control implementation and validation
Risk assessments and mitigation planning
POA&M management
Enterprise vulnerability management
Security automation and orchestration
Familiarity with:
AWS GovCloud
Azure Government
Cloud-native security tooling
SIEM and monitoring platforms
Endpoint and network security technologies
CI/CD pipeline security
Skills & Competencies
Expert-level cloud security engineering and cybersecurity expertise
Strong strategic thinking and technical leadership capability
Ability to evaluate emerging technologies and associated cybersecurity risks
Excellent written and verbal communication skills
Ability to brief senior leadership and executive stakeholders
Strong analytical, troubleshooting, and problem-solving capabilities
Ability to lead technical discussions, architecture reviews, and modernization efforts
Experience mentoring junior engineers and cybersecurity personnel
High degree of professionalism, accountability, and judgment in sensitive environments
Responsibilities
Cloud Security Engineering & Architecture
Lead security engineering efforts supporting cloud-based and hybrid enterprise environments
Design and evaluate secure cloud architectures and modernization strategies
Support implementation of cloud-native security controls and enterprise security baselines
Provide cybersecurity engineering guidance for cloud adoption, migration, and modernization initiatives
Evaluate emerging cloud technologies and recommend secure implementation approaches
RMF & Authorization Support
Lead RMF authorization and accreditation activities for cloud-based systems
Develop, review, and maintain cybersecurity documentation including:
System Security Plans (SSPs)
Security assessment documentation
POA&Ms
Risk assessments
Security architecture documentation
Mitigation strategies
Support continuous monitoring and audit readiness activities
Vulnerability & Risk Management
Identify, assess, and mitigate cybersecurity risks across cloud and hybrid environments
Support enterprise vulnerability management and remediation activities
Evaluate security impacts associated with new technologies, cloud services, and architectural changes
Coordinate with technical teams to resolve cybersecurity findings and compliance deficiencies
Technical Leadership & Stakeholder Engagement
Serve as a senior cybersecurity advisor supporting technical and operational stakeholders
Participate in architecture reviews, technical working groups, and modernization initiatives
Provide executive-level briefings, technical recommendations, and risk analysis
Mentor cybersecurity personnel and provide guidance on security engineering best practices
Support continuous improvement and enterprise cybersecurity strategy initiatives
Preferred Qualifications
Experience supporting enterprise federal cloud modernization programs
Experience supporting classified or highly regulated environments
Experience implementing Zero Trust security architectures
Familiarity with Kubernetes, container security, and serverless technologies
Experience supporting DevSecOps and automation initiatives
Experience supporting enterprise cloud governance and security compliance programs
group id: 10268248