Information System Security Engineer; ISSE - SME; Cloud- W​/Top Secret Clearance

Responsibilities & Qualifications

We are seeking an Information System Security Engineer (ISSE) - SME (Cloud-based)

REQUIRED QUALIFICATIONS
:

Experience

• 10 years of experience in secure design, analysis, and test of information security systems and products.
• 10 years of experience applying methods, standards and approaches for ensuring the baseline security safeguards are appropriately implemented and documented.
• 10 years of experience creating and updating security test plans for detecting and mitigating risk to information systems.
• Demonstrated experience supporting government agencies, customers, or contracts within federal environments. This includes the Intelligence Community (IC), Department of Defense (DoD), Federal Civil agencies, and military organizations. Prior experience supporting the same or similar contract, with an in-depth understanding of the customer environment, requirements, and operational landscape, is highly desirable.

Education

• Bachelor’s and/or advanced degree in computer science, business management, or IT related discipline is preferred

Certifications

• Certified Information Systems Security Professional (CISSP) or Certified Ethical Hacker (CEH) certification required
• Preferred:
  Cloud certification

Clearance

• Active Top Secret

About the contract:

This contract supports the Security Assessment and Authorization (SAA) program and information system security responsibilities at a Federal Agency. Responsibilities of the contract as a whole include providing comprehensive Information Systems Security Officer (ISSO) and Information Systems Security Engineer (ISSE) support to address evolving cybersecurity needs by providing Information Security as a Service (ISaaS).

About the position:

Supports the implementation of the NIST Risk Management Framework (RMF) and Security Assessment and Authorization (SAA) process to ensure alignment with established cybersecurity standards. The Information Systems Security Engineer (ISSE) designs, implements, and maintains secure information systems for government environments. The ISSE integrates cybersecurity controls into system architectures, supports RMF and NIST compliance, performs vulnerability assessments, and develops security engineering solutions to protect sensitive data and infrastructure.

The role collaborates with network, system, and security teams to ensure systems meet federal security requirements, maintain operational resilience, and support continuous monitoring and risk mitigation activities.

• Lead, mentor, and supervise a team of contractor security professionals responsible for the end-to-end implementation of the RMF lifecycle for federal IT systems.
• Oversee and coordinate activities within the Prepare step, ensuring roles, responsibilities, and risk management strategies are clearly defined and maintained.
• Guide system categorization efforts to ensure all information systems are appropriately classified based on mission/business impact and regulatory requirements.
• Advise on the selection, tailoring, and documentation of security controls aligned with system categorizations, risk appetite, and compliance requirements.
• Oversee the implementation of technical, operational, and management controls throughout system and application life cycles, with a particular focus on quality and completeness of all deliverables.
• Ensure comprehensive security control assessments are planned, executed, and documented to validate the effectiveness of implemented safeguards.
• Prepare risk management documentation for system authorization and executive decision-making.
• Direct ongoing monitoring and continuous assessment activities, collecting metrics to adjust security strategies and ensure sustained compliance.
• Serve as a principal technical advisor on cybersecurity, bringing subject‑matter expertise to risk analysis, incident response, system remediation, and audit support efforts.
• Foster a culture of security awareness, providing technical guidance and training to both team members and stakeholders.
• Track, report, and communicate status, risks, and improvement opportunities related to security engineering activities to leadership and stakeholders.
• Maintain…