Posted 5 months ago

Lead Information Systems Security Engineer (ISSE)

Location: Washington, DC (Hybrid – 3 days onsite / 2 days remote)
Employment Type: Full-Time (Open to 1099 / Hourly Direct Hire)
Clearance: Must be eligible for an Active Public Trust


Overview

We are seeking a Lead Information Systems Security Engineer (ISSE) to provide technical leadership and hands-on security engineering support for federal cloud and enterprise systems. This role focuses on securing cloud-based architectures, integrating security across the system lifecycle, and supporting Information System Security Officers (ISSOs) with authorization and accreditation activities.


Responsibilities

  • Lead the design and implementation of secure IT and cloud solutions in Microsoft Azure and Amazon Web Services (AWS)
  • Integrate security requirements throughout the system development lifecycle, including application development and deployment pipelines
  • Design and assess secure system and cloud architectures, including Azure VNets, NSGs, Azure Firewall, Private Endpoints, and AWS VPCs, subnets, route tables, security groups, and network ACLs
  • Provide technical and engineering support to ISSOs performing RMF and A&A activities
  • Conduct security impact assessments for system, architecture, application, and configuration changes
  • Perform threat modeling to identify, analyze, and mitigate risks associated with application and infrastructure design changes
  • Execute Supply Chain Risk Management (SCRM) activities aligned with NIST SP 800-161
  • Evaluate SaaS, applications, and government solutions for compliance with NIST, FedRAMP, and federal security requirements
  • Apply application security best practices, including secure coding principles, dependency management, and vulnerability remediation
  • Support DevSecOps practices by integrating security controls, scanning, and monitoring into CI/CD pipelines
  • Apply security best practices to Kubernetes, containers, and Infrastructure as Code (Terraform)
  • Collaborate with SOC teams to verify log capture, security monitoring, access control enforcement, and ongoing alerting within defined RMF authorization boundaries
  • Contribute to security architecture documentation, technical standards, and risk-based recommendations
  • Mentor junior team members and provide technical guidance

Qualifications

  • Bachelor’s degree in Cybersecurity, IT, Engineering, or related field
  • 8+ years of cybersecurity or ISSE experience
  • Strong networking experience, including TCP/IP, routing and switching, firewalls, VPNs, load balancing, and cloud networking
  • Demonstrated experience with Azure and AWS networking services
  • Experience with application security and DevSecOps in cloud-based environments
  • Strong knowledge of NIST RMF, FedRAMP, NIST SP 800-161, and Common Criteria
  • Experience conducting security impact assessments and threat modeling
  • Experience with Kubernetes, containers, and Infrastructure as Code preferred
  • Experience collaborating with SOC teams for continuous monitoring and alerting
  • Strong communication and leadership skills

Preferred Certifications

  • CISSP or equivalent cybersecurity certification
