Information System Security Engineer
MSCCN - Washington, DC
Job Description
Job Family: Cyber Consulting
Travel Required: Up to 10%
Clearance Required: Ability to Obtain Public Trust

What You Will Do:
+ System Boundary Analysis: Define and maintain system security boundaries across hybrid cloud and on-premises environments, including AWS & Azure CSPs, VMware infrastructure, and legacy datacenter assets.
+ Authorization Package Development: Author and maintain System Security Plans (SSPs), Security Assessment Reports (SARs), Plans of Action and Milestones (POA&Ms), and related NIST RMF artifacts for all OCIO-managed systems.
+ Continuous Monitoring: Implement and oversee continuous ATO processes aligned with NIST SP 800-137 and OSCAL-based automation, ensuring real-time visibility into system posture.
+ Control Inheritance Mapping: Map technical controls across shared service environments, identifying common controls, system-specific controls, and hybrid inheritance relationships as systems migrate to cloud.
+ GRC Tool Administration: Manage the ingestion of infrastructure telemetry, vulnerability data, and configuration baselines into GRC platforms to automate compliance evidence collection.
+ Network Security Architecture: Evaluate and advise on network segmentation, firewall rules, TIC 3.0 compliance, F5 load balancer configurations, DNS security, and encrypted transit between enclaves and cloud environments.
+ Cloud Security Posture: Assess and harden CSP environments including VPC design, Security Groups, IAM policies, CloudTrail/GuardDuty integration, and encryption-at-rest/in-transit configurations.
+ Vulnerability Management: Collaborate with the SOC team and infrastructure teams to contextualize vulnerability findings from Tenable and similar tools, prioritizing remediation based on exploitability, exposure, and mission impact—not just CVSS scores.
+ Infrastructure Security Reviews: Conduct security assessments of proposed architecture changes, migration plans, and new technology deployments.
+ Incident Support: Provide senior-level technical analysis during security incidents, bridging the gap between SOC triage and executive risk communication.
+ ISSO Liaison: Work alongside ISSOs to translate technical system changes (network reconfigurations, cloud migrations, new integrations) into risk language and updated authorization documentation.
+ SOC Mentorship: Elevate the SOC team’s understanding of governance context, helping analysts understand how their detection and response activities map to broader risk management and compliance objectives.
+ Technical Translation: Serve as the connective tissue between infrastructure engineers, application teams, ISSOs, and leadership—ensuring security decisions are informed by both technical facts and organizational risk tolerance.
+ Vendor Coordination: Engage with contractors and vendors on security requirements, ensuring deliverables meet federal security standards.

What You Will Need:
+ US Citizenship is required
+ Must be able to OBTAIN and MAINTAIN a Federal or DoD
Created: 2026-03-13