USAFA Information Systems Security Engineer

SiloSmashers, Inc. is a strategy, technology, and management consulting firm, founded in 1992, and located in Reston, Virginia. SiloSmashers delivers superior services and solutions to the public sector in the areas of project/program management, performance management, and IT security. The company provides innovative, collaborative business approaches, and proven methodologies that enable customers to break down organizational silos and optimize operational efficiency to achieve peak performance and mission success. Come join our team!

BACKGROUND

SiloSmashers is seeking an experienced Information Systems Security Engineer (ISSE) to join its growing contract supporting a federal government agency.

The Contractor shall be skilled and capable of performing the role of ISSE for the USAFA, defining, and staffing a team. The Contractor shall act as the technical subject matter expert and shall specialize in accessing, designing and architecting the security architecture of USAFA information systems to meet or exceed required.

security requirements. The ISSE is responsible for capturing and refining IT system requirements, integrating cybersecurity and cyber resilience into the engineering and lifecycle management of DoD information systems. Supporting both legacy and new system development, the ISSE ensures that security is embedded early and continuously throughout the system development life cycle (SDLC), aligning with the guidance in NIST SP 800-160 Volume 2 and SP 800-64 Revision 3.

This role focuses on applying systems security engineering practices to design and sustain resilient systems that maintain mission assurance despite adversarial conditions, component failures, or unexpected disruptions. The ISSE collaborates with architects, developers, system owners, and cybersecurity teams to translate mission and business needs into secure, survivable, and trustworthy system architectures. The ISSE also contributes to RMF activities, requirements definition, design reviews, threat modeling, and validation of security controls.

QUALIFICATIONS:

• Proven experience applying security engineering principles to support secure system design, development, and sustainment across the SDLC, in alignment with NIST SP 800-64 Rev. 3.
• Knowledge of cyber resilience concepts and ability to implement resiliency techniques (e.g., diversity, redundancy, isolation, graceful degradation) as described in NIST SP 800-160 Volume 2.
• Demonstrated ability to identify, document, and trace security and resilience requirements from mission/business needs through system design and implementation.
• Familiarity with threat modeling, risk assessment, and adversarial analysis methods to inform system-level security and resilience tradeoffs.
• Experience integrating security control selection, design, and implementation into RMF Steps 1–5, including participation in security architecture and design reviews.
• Proficiency with secure architecture design patterns, system-of-systems engineering, and component-level assurance techniques.
• Strong collaboration skills for working with multidisciplinary teams (developers, system engineers, cybersecurity analysts, mission owners).
• Effective communication skills for documenting system security plans, security architecture descriptions, and contributing to ATO and certification artifacts.

SOFT SKILLS:

• Systems Thinking & Strategic Foresight Ability to understand the system as a whole-including mission context, interdependencies, and potential failure modes-and to design security solutions that anticipate adversarial conditions and disruptions.
• Collaborative Communication Skilled at working across diverse teams (developers, engineers, PMs, cyber analysts) to translate complex security concepts into practical, mission-aligned solutions; able to bridge technical and non-technical audiences.
• Critical Thinking & Problem Solving Applies analytical reasoning to evaluate design trade-offs, assess threats and vulnerabilities, and develop resilient architectures under operational constraints.
• Adaptability & Learning Agility Comfortable with changing requirements, evolving threats, and new technologies; demonstrates a commitment to continuous learning and integration of emerging best practices.
• Attention to Detail Precise in documenting requirements, reviewing architecture, tracing controls, and validating security objectives across the SDLC.
• Leadership & Initiative Proactively identifies security risks and design gaps, champions secure design practices, and drives integration of resilience objectives from early lifecycle phases onward.

POSITION REQUIREMENTS

• Must be a U.S. Citizen
• IT Tier 3 security background investigation/clearance to match the designation of the system assigned.
• At least 5 years performing in a cybersecurity or related technical role
• ONE of the following certifications:
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Officer (CISSO)
  • Federal IT Security Professional -Designer – NG (FITSP-D)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Cloud Security Automation (GCSA)
  • GIAC Cloud Security Essentials (GCLD)
  • GIAC Defensible Security Architect (GDSA)
  • Global Industrial Cyber Security Professional (GICSP)
  • Certified Information Systems Security Professional Information Security Architectural Professional (CISSP-ISSAP)
  • Certified Information Systems Security Professional Information Systems Security Engineering Professional (CISSP-ISSEP)

Pluses:

• Currently supporting a DoD System
• Previous experience supporting a DoD System
• Possesses an active IT Tier 3 security background investigation/clearance