Senior Information System Security Engineer

Washington, DC, United States

ECS

ECS is a technology leader in science, engineering, cloud, cybersecurity, artificial intelligence, machine learning and IT modernization. Reach out today.

ECS is seeking a Senior Information System Security Engineer to work in our Washington, DC office.

An Information Systems Security Engineer (ISSE) is responsible for designing, implementing, and maintaining security measures to protect an organization's information systems and data assets from cybersecurity threats and vulnerabilities. The ISSE works closely with IT teams, management, and other stakeholders to ensure the confidentiality, integrity, and availability of sensitive information and critical infrastructure.

Salary Range: $190,000 - $200,000

Qualifications
  • Must have a current Top-Secret Clearance with the capability of obtaining SCI / CI-Poly if needed to meet contract requirements
  • Bachelor's Degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline from an accredited college or university is required
  • 10+ years of IT related experience
  • Expert technical knowledge in security engineering and IT systems engineering.
  • Review system architecture to evaluate alignment with:
    • FISMA, Executive Orders, National Manager Memos, and FedRAMP
    • Required NIST SP 800-53 Rev. 5 or CNSSI 1253 (if NSS)
    • DISA STIGs & STGs, CIS benchmarks, OWASP Top 10, ASVS, MASVS, and vendor recommended standards
  • Conduct targeted comprehensive threat and risk assessments using:
    • NIST SP 800-30, Microsoft STRIDE, DREAD, Fishbone (Ishikawa) Analysis, OCTAVE, P.A.S.T.A., MITRE ATT&CK, D3FEND, SHIELD, and ATLAS frameworks
  • Apply secure design principles when recommending remediation and mitigation approaches from:
    • NIST SP 800-160 Vol. 1 & 2 (Systems Security Engineering)
    • NSA Information Assurance Technical Framework (IATF)
  • Evaluate system-level, system of systems, and enterprise-level cybersecurity posture across:
    • Networks (LAN/WAN/wireless/cellular)
    • Hypervisors, containers, orchestrators, cloud
    • Operating Systems (Windows, Linux, macOS)
    • Application logic and APIs
    • Databases (SQL/NoSQL)
    • Web servers and web logic
    • Firewalls and IPS
  • Evaluate cross domain solutions for compliance with the National Cross Domain Strategy and Management Office (NCDSMO) Raise the Bar (RTB) standards
  • Evaluate cryptographic implementations and ensure compliance with:
    • FIPS 140-3
    • NIST SP 800-56, 57, 131A, and related series
    • Post-quantum cryptography requirements (NIST and NSA)
  • Assess Identity, Credential, and Access Management (ICAM) solutions:
    • Aligning with NIST 800-63 IAL/AAL/FAL levels
    • Support for PIV/CNSS cards, SAML, OIDC, OAuth2
  • Assess secure mobile development and deployment:
    • Secure mobile applications, MDM/MAM platforms
    • Address mobile OS-specific threats (iOS, Android)
  • Interpret and provide remediation or mitigation strategies based on:
    • Penetration testing results and associated POA&Ms
    • Security control assessments
    • Vulnerability and compliance scans
  • Leverage programming language knowledge to review static and dynamic code analysis results and provide remediation or mitigation recommendations
  • Support mission assurance and security of Operational Technology (OT) systems:
    • Including real-time operating systems (RTOS) and low-latency requirements
    • Building automation systems, robotics, drones, and scientific machines

Tags: Android APIs Automation Clearance Cloud CNSS Code analysis Compliance Computer Science Cryptography DISA FedRAMP Firewalls FISMA iOS IPS ISSE Linux MacOS MITRE ATT&CK NIST NIST 800-53 NoSQL Octave OWASP Pentesting Risk assessment RTOS SAML SQL STIGs Strategy Vulnerabilities Windows

Region: North America
Country: United States
