Information Systems Security Engineer SME
Indexed description
Please Note: This position is contingent upon contract award.
Key Responsibilities Include
- Lead and support full lifecycle RMF and Security Assessment and Authorization activities for federal information systems.
- Provide senior technical guidance to system owners, ISSOs, ISSMs, engineering teams, program leadership, and authorization stakeholders.
- Advise on system categorization, security control selection and tailoring, control implementation, assessment readiness, risk analysis, and authorization package quality.
- Review and strengthen RMF documentation, including System Security Plans, control implementation descriptions, risk assessments, security test plans, assessment results, POA&Ms, inventories, network diagrams, data flow diagrams, and continuous monitoring artifacts.
- Evaluate technical, operational, and management controls to determine whether safeguards are implemented correctly, operating as intended, and supported by complete evidence.
- Identify technical control gaps and develop remediation recommendations that are practical, risk-informed, and aligned to federal cybersecurity standards.
- Support cloud security engineering activities for systems using AWS, Azure, Google Cloud, or hybrid environments.
- Provide technical input for vulnerability remediation, patch compliance, POA&M tracking, emergency directive response, audit readiness, and corrective action planning.
- Support security impact analysis for proposed technical changes, including architecture updates, system integrations, cloud services, network changes, and control modifications.
- Develop or improve templates, checklists, SOPs, evidence standards, dashboards, and repeatable processes that improve quality, consistency, and efficiency.
- Track and communicate risks, findings, action items, assessment status, remediation progress, and improvement opportunities to stakeholders and leadership.
- Maintain current knowledge of RMF, NIST, CNSS, FISMA, cloud security, and federal cybersecurity best practices.
- Active Top Secret clearance with SCI eligibility.
- U.S. citizenship.
- 10+ years of experience in secure design, analysis, and testing of information security systems and products.
- 10+ years of experience applying cybersecurity methods, standards, and approaches to ensure baseline security safeguards are properly implemented and documented.
- 10+ years of experience creating or updating security test plans to detect, assess, and mitigate risk to information systems.
- CISSP or CEH required.
- Experience supporting RMF, ATO, SAA, continuous monitoring, POA&M management, vulnerability remediation, security assessment, and audit readiness activities.
- Experience developing, reviewing, or improving federal cybersecurity documentation and authorization artifacts.
- Knowledge of NIST SP 800-53, NIST SP 800-53A, FIPS 199, FIPS 200, CNSS guidance, FISMA, and federal information security requirements.
- Ability to assess technical security evidence and provide risk-based recommendations to technical and non-technical stakeholders.
- Strong written and verbal communication skills.
- Ability to lead teams, mentor personnel, coordinate across multiple stakeholders, and manage complex cybersecurity tasks in a high-accountability environment.
- Cloud security certification preferred, such as CCSP, AWS Certified Security - Specialty, AWS Certified Solutions Architect, Microsoft Azure Security Engineer Associate, or Google Professional Cloud Security Engineer.
- Experience securing AWS, Azure, Google Cloud, or hybrid cloud environments.
- Experience with GRC tools, control inheritance, evidence reuse, dashboard reporting, and workflow automation.
- Experience with tools such as Tenable Nessus, Security Center, Splunk, IBM Guardium, WebInspect, Nmap, or similar security platforms.
- Experience supporting classified federal environments, national security systems, law enforcement systems, intelligence systems, or high-impact mission systems.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We Value
- Attracting and developing top talent and high-performing teams
- Fostering a culture that is engaging, accountable, and mission-driven
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search