Cybersecurity​/Information Security Engineer

Cybersecurity / Information Security Engineer

:

Department:
Information Technology

Evans & Chambers Technology (EC) is seeking an experienced Information Systems Security Engineer (ISSE) to support a technical development program centered on cloud-based applications and associated infrastructure operating in a highly secure, classified network environment. The ISSE will integrate directly into a multidisciplinary team that includes software developers, systems engineers, Dev Ops engineers, database administrators, and systems architects.

Active TS/SCI with Polygraph

Chantilly, VA Onsite

9 AM – 3 PM daily; schedule flexibility outside those hours may be negotiated with management.

• Participate in daily Agile standup (scrum) meetings and provide status updates on assigned Jira issues
• Attend ad-hoc Technical Exchange Meetings (TEMs) to assess security impacts of proposed architectural and system changes
• Lead or assist with security scans; analyze and report on findings and their system impact
• Review externally reported security findings (CVEs) and conduct impact analysis with recommended remediation paths
• Evaluate upcoming system changes and new features for security implications during team design reviews

• Identify, select, implement, and assess NIST SP 800-53 security and privacy controls
• Develop and integrate secure configuration baselines per DISA STIGs and CIS benchmark guidelines
• Contribute to the design of secure architectures and system designs
• Ensure security requirements are embedded throughout the System/Software Development Life Cycle (SDLC)
• Execute Continuous Monitoring (Con Mon) activities in support of Assessment and Authorization (A&A) requirements
• Create, review, and maintain A&A artifacts and supporting documentation
• Perform security analysis and monitoring across a 100% AWS cloud-based environment
• Conduct vulnerability scanning, analyze results, and develop remediation strategies and security implementations
• Interface with Information System Security Managers (ISSMs) to support system accreditation efforts
• Lead or participate in TEMs; document outcomes and brief management as needed

• 6–10 years of relevant ISSE or cybersecurity experience
• Active TS/SCI with Polygraph
• BS in a technical discipline or equivalent demonstrable experience
• Hands‑on Linux experience, including proficiency with the command line
• Scripting and programming experience in Bash, Python, or similar languages
• Solid understanding of networking fundamentals — ports, routing, subnets, VPNs, firewalls, and troubleshooting
• Experience working within Agile development teams and workflows
• Strong working knowledge of NIST SP 800-37, NIST SP 800-53, NIST SP 800-160, DISA/CIS STIGs, and CVE management
• Experience with RMF workflow tools and processes
• Strong written and verbal communication skills; able to clearly articulate findings and recommendations, and receptive to alternative approaches raised by team members

• Relevant certifications such as CISSP, AWS Cloud Practitioner, AWS Security Specialty, or AI security credentials
• Experience with Infrastructure as Code (IaC) tools such as Ansible, Terraform, or similar automation platforms
• Prior experience working in a cloud-based environment, preferably AWS

All employment opportunities are made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status or any other basis protected by law.