Search

Information System Security Engineer (ISSE)(Mid/Senior)

OneZero Solutions
locationWashington, DC, USA
PublishedPublished: 6/14/2022
Technology
Full Time

Job Description

Job Description

We are an employee-centric company that truly values our team members and the contributions they make to our customers and the missions they support. We pride ourselves on being forward-leaning thinkers and on building teams that are, and continue to be, technically proficient across a broad range of cyber mission areas. OneZero full-time employees receive a highly competitive benefits package, including health, dental, vision, and life insurance, a 401(k) with company matching, paid time off and holidays, an employee referral program, and educational assistance. Additional details are available on our website: https://www.onezerollc.com/careers/

Position Title: Information System Security Engineer (ISSE)(Mid/Senior)

Location: On-site in a SCIF in the National Capital Region (NCR) – Nebraska Avenue Complex, Washington, DC (work locations transitioning to ICCB Bethesda / St. Elizabeths). Telework is not authorized; a designated Key Person must be available on-site during core hours

Clearance: TS/SCI

Job Summary:

Designs and integrates security requirements into systems and architectures to ensure secure development and deployment. Serve as the senior technical authority on security engineering matters for assigned programs and systems.

Education and Experience:

  • Mid-level: 3-5 years of experience
  • Senior-level: 7-10 years of experience
  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Electrical Engineering, or a closely related field.
  • 8–12 years of total information systems security engineering experience, with demonstrated depth across the following disciplines:
  • 4+ years designing and implementing secure architectures across classified or federal enterprise environments
  • 3+ years supporting RMF activities including SSP development, security control implementation, and authorization package preparation
  • 3+ years integrating security into SDLC and/or DevSecOps pipelines including threat modeling, SAST/DAST, and CI/CD security gates
  • 3+ years working with cloud environments (AWS, Azure, GCP) including cloud-native security architecture and configuration
  • 2+ years coordinating with ISSOs, system architects, developers, and government stakeholders on security engineering deliverables
  • Experience supporting DHS, Intelligence Community (IC), or other federal agency programs with working knowledge of NIST 800-53, NIST 800-160, ICD 503, and CNSSI 1253
  • Demonstrated experience operating in classified environments up to TS/SCI
  • Certifications: CISSP, CISM, CSSLP, CASP+ or equivalent

Essential Duties:

  • Translate security requirements into comprehensive system designs, reference architectures, and security overlays across complex, multi-domain environments
  • Design and implement secure architectures for classified and unclassified systems, cloud environments, hybrid infrastructures, and Cross Domain Solutions (CDS)
  • Apply defense-in-depth principles, zero trust architecture concepts, and least-privilege design patterns across all engineering activities
  • Evaluate and select security technologies, tools, and controls appropriate to system classification level, mission requirements, and threat environment
  • Develop and maintain system security architectures, security design documentation, and engineering artifacts in support of RMF authorization packages
  • Collaborate with software development teams to ensure security controls are implemented correctly and validated before system authorization
  • Support software assurance activities including secure code review, SAST/DAST integration, and vulnerability remediation guidance
  • Coordinate directly with ISSOs, system architects, software developers, program managers, and government stakeholders to integrate security into all phases of system development and operation
  • Brief security architecture decisions, risk posture, and engineering recommendations to senior leadership and Authorizing Officials
  • Provide authoritative guidance on applicable security standards, policies, and frameworks including NIST 800-53, NIST 800-160, ICD 503, CNSSI 1253, and DHS security policy
  • Represent the security engineering function in program reviews, design reviews, and technical working groups

OneZero Solutions, LLC is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, pregnancy, genetic information, disability, status as a protected veteran, or any other protected category under applicable federal, state, and local laws.

To request an accommodation, please contact us at recruiting@onezerollc.com or call (202) 987-2580.



Job Posted by ApplicantPro

Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...