Information Systems Security Engineer-(TS​/SC w​/Poly-Chantilly, VA

iSenpai is a Woman‑Owned Small Business (WOSB) that provides enterprise IT and cyber security services, cloud technology, and data analytics solutions for U.S. Government and commercial customers. We specialize in cloud‑based solutions with cyber security integrated into the design, delivered using efficient Agile Dev Sec Ops . Engaging across industry and academia, we develop innovative approaches to support our customers’ changing mission needs and data.

Our designs are industry‑proven to handle enormous data streams from open source, Internet of Things (IOT), cyber tools, and social media. We bring expertise with NIST Special Publication 800‑53 and the Risk Management Framework (RMF) to maintain secure, scalable, and highly available systems to meet the mission. Our goal is to provide expert services while cultivating knowledge among all employees for the advancement of our services.

We offer a comprehensive package of 100% employer‑paid benefits, including medical, dental, vision, HSA contribution, 401K match, and more.

• Health, Dental, and Vision Insurance Premiums are 100% provided by iSenpai for employees and eligible dependents
• Tricare Supplemental Insurance plan provided by iSenpai for eligible employees and dependents
• Personal Accident Insurance provided by iSenpai
• Life Insurance provided by iSenpai
• Short‑ and Long‑Term Disability Insurance provided by iSenpai
• 401K Contribution Matching – 5% dollar for dollar
• Paid time off (PTO) starting at 4 weeks a year (20 days)
• PTO buyback program
• 11 paid Federal Holidays
• Reimbursement for any wellness programs and/or work‑life balance programs
• Reimbursement for cell phone plans
• Reimbursement for home internet
• Reimbursement every 2 years for a cell phone upgrade
• Thousands of discounts on everything from your cell phone bill to NFL tickets, movie tickets, live performances, etc.
• Rewards for obtaining new IT certifications
• Computer‑based training (CBT) library on IT and information security topics and certifications
• Remote access to a virtual lab for testing/learning opportunities
• Flexible / Alternative Work Schedules (based on customer requirements)

iSenpai is an equal opportunity / affirmative action employer. We give equal consideration to all qualified candidates without regard to race, color, gender, nationality, disability, or protected veteran status.

The Information System Security Engineer (ISSE) designs, implements, and manages security solutions for information systems. Their responsibilities include ensuring systems meet security standards, conducting risk assessments, and recommending mitigation strategies. They collaborate with various teams to integrate security controls and maintain a secure operational environment.

• Security Architecture Design: developing and implementing security architectures for information systems, including hardware, software, and network components.
• Risk Management:
  
  identifying and assessing security risks, developing mitigation strategies, and implementing security controls to address identified vulnerabilities.
• Security Compliance: ensuring systems comply with relevant security policies, regulations, and standards such as NIST, RMF, and ICD 503.
• Vulnerability Management: conducting vulnerability scans, analyzing results, and recommending remediation actions.
• Security Documentation: creating and maintaining security documentation, including system security plans, security assessment reports, and risk management plans; experience with Body of Evidence collection and maintenance of System Security Plans in industry‑standard tools such as Xacta, eMass, Archer.
• Collaboration and Communication: working closely with system administrators, network engineers, software developers, and other stakeholders to integrate security into the system development lifecycle.
• Continuous Monitoring: participating in continuous monitoring activities to ensure ongoing security posture and compliance.
• Incident Response: participating in incident response activities, including investigating security incidents, analyzing malware, and implementing forensic…