Information System Security Engineer; ISSE

SMX is seeking a highly skilled Information Systems Security Engineer (ISSE) to support the USINDOPACOM J6 portfolio of programs. This position is onsite at Hickam AFB, SMX HQ, and SMX Pearlridge HQ. Join our team to drive advanced cybersecurity solutions, focusing on hands‑on system testing, Security Information and Event Management (SIEM) configurations, system security engineering, zero trust architecture implementation, and supporting the Assessment and Authorization (A&A) process to protect critical DoD systems in a dynamic, mission‑critical environment.

This position requires a DoD Secret with eligibility for TS/SCI which requires US citizenship for work on DoD contracts.

• Conduct hands‑on security testing and vulnerability assessments, including penetration testing, configuration analysis, and security control validation.
• Configure and optimize SIEM platforms (e.g., Splunk, Elastic, Arc Sight) to collect, correlate, and analyze security event data for real‑time threat detection.
• Perform system security engineering tasks, including designing secure system architectures, implementing security controls, and hardening systems to meet DoD standards.
• Develop and implement zero trust security measures, such as least privilege access, micro‑segmentation, and continuous authentication across systems.
• Support the A&A process by preparing security documentation, conducting risk assessments, and ensuring compliance with DoD standards (e.g., RMF, NIST 800‑53).
• Provide technical expertise to identify, analyze, and mitigate vulnerabilities in Windows, Linux, Active Directory, and virtualized/containerized environments.
• Analyze and recommend zero trust strategies, integrating identity‑based access controls, network segmentation, and continuous monitoring solutions.
• Develop detailed security reports, SIEM dashboards, and A&A artifacts for high‑level briefings and system security engineering efforts.
• Utilize security tools (e.g., Tenable, Nessus, Splunk, Wireshark) to generate actionable security data and validate system integrity.
• Coordinate cross‑functional meetings to align stakeholders on security testing outcomes, system security engineering efforts, zero trust initiatives, and A&A requirements.
• Support resource allocation to ensure security testing, SIEM configurations, system security engineering, and A&A tasks are completed on time and within budget.
• Maintain knowledge management for cybersecurity projects, including SIEM configurations, system security engineering, zero trust implementations, and A&A documentation.
• Establish effective communication with internal and external stakeholders to promote security best practices and collaboration.
• Provide daily status updates in a scrum environment and collaborate in a team setting.
• Participate in technical discussions, offering SME-level recommendations on SIEM configurations, system security engineering, zero trust architectures, and A&A processes.
• Work independently without supervision to meet mission objectives.
• Up to 25% travel may be required.

• Requires a DoD Secret clearance with the ability to obtain a TS/SCI clearance.
• BS/BA in Cybersecurity, Computer Science, Information Technology, or related technical discipline OR
• Associate’s degree with additional relevant experience may be substituted for a BS/BA.
• Minimum of 10 years of experience in cybersecurity, with a focus on system security testing, SIEM management, system security engineering, or A&A processes.
• Expertise in configuring and managing SIEM platforms (e.g., Splunk, Elastic, Arc Sight) for threat detection and incident response.
• Experience in system security engineering, including secure system design, security control implementation, and system hardening for DoD environments.
• Strong understanding of zero trust architecture principles and practical implementation in DoD environments.
• Experience supporting the A&A process, including preparing RMF artifacts, conducting security control assessments, and interfacing with authorizing officials.
• Proficiency in security testing tools (e.g., Tenable, Nessus, Burp Suite, Wireshark) and techniques (e.g.,…