Isse (Ts/Sci)

Reston, VA, United States

Maxar Technologies

Integrated space infrastructure and Earth intelligence capabilities that make global change visible, information actionable and space accessible.

View all jobs at Maxar Technologies

Apply now Apply later

Please review the job details below.

Maxar is seeking a dedicated ISSE to be an integral part of a critical program supporting multiple development teams focused on a suite of web applications. These tools are central to advanced data discovery, analytics, and production capabilities for our government client located in Reston, VA. You will play a vital role in ensuring the security posture of these applications throughout their lifecycle, from development on unsecure networks to secure deployment on high-side government systems.

Key Responsibilities:

  • Secure Software Development Lifecycle (SSDLC) Integration: Integrate security practices into all phases of the software development lifecycle (SDLC) for multiple web applications, ensuring security is "baked in" from design to deployment.

  • Security Architecture & Design: Develop, review, and analyze security architectures and designs for web applications, databases, and underlying infrastructure, ensuring compliance with government security mandates (e.g., NIST, RMF, STIGs).

  • Cross-Domain Security Expertise: Provide expert guidance and solutions for securing applications developed on low (unsecure) networks and deployed on high (secure Government) networks, addressing specific challenges of data transfer, sanitization, and access control between domains.

  • Vulnerability Management: Conduct and oversee vulnerability assessments, penetration testing, and security audits of web applications and supporting systems. Analyze results, prioritize findings, and work with development teams to ensure timely remediation and mitigation strategies.

  • Risk Management & ATO Support: Identify, assess, and manage security risks, contributing to the program's overall risk posture. Prepare and maintain comprehensive security documentation (e.g., SSPs, SARs, POA&Ms) to support Assessment & Authorization (A&A) processes and achieve/maintain Authority to Operate (ATO).

  • Security Control Implementation: Advise and assist development teams in the selection, implementation, and verification of appropriate security controls (technical, operational, and management) for web applications and their supporting infrastructure.

  • Policy & Compliance: Interpret and apply relevant government cybersecurity policies, regulations, and guidelines to ensure program compliance.

  • Incident Response Support: Provide security expertise and support during security incidents, contributing to containment, eradication, and recovery efforts.

  • Continuous Monitoring: Support ongoing continuous monitoring activities to maintain the security posture of deployed applications and systems.

  • Collaboration & Communication: Work closely with development teams, system administrators, program managers, and government security stakeholders to foster a strong security culture and ensure effective communication of security requirements and risks.

Required Qualifications:

  • Active Top Secret/SCI with CI Polygraph

  • Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related technical field.

  • 8 years of experience as an Information Systems Security Engineer (ISSE) or similar role, with a focus on web application security.

  • Demonstrated experience with the Risk Management Framework (RMF).

  • Experience with secure software development best practices, including static and dynamic application security testing (SAST/DAST) tools.

  • Proficiency in identifying and mitigating common web application vulnerabilities (e.g., OWASP Top 10).

  • Understanding of cross-domain solutions and secure data transfer mechanisms between different security enclaves.

  • Experience in vulnerability scanning tools (e.g., Nessus, ACAS) and Security Technical Implementation Guides (STIGs).

  • Strong analytical and problem-solving skills, with the ability to identify and address complex security challenges.

  • Excellent written and verbal communication skills, capable of translating technical requirements and risks to diverse audiences.

  • Relevant cybersecurity certification (e.g., CISSP, CASP+, CEH, Security+).

Preferred Qualifications:

  • Familiarity with agile development methodologies.

  • Experience in a government or defense contracting environment.

  • Advanced degree in a cybersecurity-related field.

Nice to  Have 

  • Technical experience in software development, information technology, networking, or related field 

  • Experience working in an agile environment with an agile team 

  • Intelligence Community experience 

  

We offer:   

  • Corporate partner, industry training.  

  • Peer groups.  

  • Paid certifications.  

  • Education reimbursement.  

  • Hackathons!  

  • and much more...  

#cjpost

#LI-CJ1

In support of pay transparency at Maxar, we disclose salary ranges on all U.S. job postings.  The successful candidate’s starting pay will fall within the salary range provided below and is determined based on job-related factors, including, but not limited to, the experience, qualifications, knowledge, skills, geographic work location, and market conditions. Candidates with the minimum necessary experience, qualifications, knowledge, and skillsets for the position should not expect to receive the upper end of the pay range.

The base pay for this position within California, Colorado, Hawaii, and the Washington, DC metropolitan area is:

$135,000.00 - $199,000.00

For all other states, we use geographic cost of labor as an input to develop market-driven ranges for our roles, and as such, each location where we hire may have a different range.

We offer a comprehensive package of benefits including paid time off, health and welfare insurance, and 401(k) to eligible employees. You can find more information on our benefits at: https://www.maxar.com/careers/benefits

The application window is three days from the date the job is posted and will remain posted until a qualified candidate has been identified for hire.  If the job is reposted regardless of reason, it will remain posted three days from the date the job is reposted and will remain reposted until a qualified candidate has been identified for hire. 

The date of posting can be found on Maxar’s Career page at the top of each job posting.

To apply, submit your application via Maxar’s Career page.

Maxar Technologies values diversity in the workplace and is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.

Apply now Apply later
Job stats:  1  0  0

Tags: ACAS Agile Analytics Application security Audits CASP+ CEH CISSP Compliance Computer Science DAST Incident response ISSE Monitoring Nessus NIST OWASP Pentesting Polygraph Risk management RMF SAST SDLC Security Assessment Report SSDLC STIGs System Security Plan Top Secret TS/SCI Vulnerabilities Vulnerability management

Perks/benefits: Career development Health care Insurance Transparency

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.