Lead ISSE

Role Overview

We are seeking a Lead Information Systems Security Engineer (ISSE) to provide technical leadership and hands-on security engineering support for federal cloud and enterprise systems. This role focuses on securing cloud-based architectures, integrating security across the system lifecycle, and supporting Information System Security Officers (ISSOs) with authorization and accreditation activities.

Role Responsibilities

• Design and implement security mechanisms protecting IT and cloud solutions in Microsoft Azure and Amazon Web Services (AWS).

• Integrate security requirements throughout the system development lifecycle, including applications, single and multi-purpose information systems, operating systems, and CI/CD pipelines.

• Design and assess secure information system and cloud architectures, including Azure and other cloud vendors.

• Highly experienced in designing the configuration of NSGs, Azure Firewall, Private Endpoints security, Azure VNETs, subnets, routing tables, security groups, and network Access Control Lists.

• Expert in assessing the effectiveness of implemented security mechanisms and configurations.

• Provide technical and engineering support to ISSOs performing A&A activities.

• Conduct security impact assessments for system, architecture, application, and configuration changes.

• Perform threat modeling to identify, analyze, and mitigate risks associated with application and infrastructure design changes.

• Integrate Supply Chain Risk Management (SCRM) activities aligned with NIST SP 800-161 into information system designs

• Apply application security best practices, including secure coding principles, dependency management, and vulnerability remediation.

• Support DevSecOps practices by designing and integrating security controls, scanning, and monitoring at strategic points of the CI/CD pipeline prior to introduction to a production environment.

• Design and implement security best practices to containers and Infrastructure as Code

• Develop security architecture documentation, technical standards, and risk-based recommendations based on security designs.

• Mentor junior team members and provide technical guidance.

‍

Required Qualifications and Education:

• Bachelor's Degree in Cybersecurity, IT, Engineering, or related field.

• 6+ years of cybersecurity and 2+ years of verifiable ISSE experience.

• Strong networking experience, including TCP/IP, routing and switching, firewalls, VPNs, load balancing, and cloud networking.

• Demonstrated experience with Azure networking services.

• Experience with application security and DevSecOps in cloud-based environments.

• Strong knowledge of NIST RMF, FedRAMP, NIST SP 800-161, and NIAP / Common Criteria

• Experience conducting security impact assessments and threat modeling

• Experience with Kubernetes or other container technologies, and Infrastructure as Code preferred.

• Strong communication and leadership skills

• Required Certifications

o Certified Information Systems Security Professional (CISSP) or equivalent.

o Certified Cloud Security Professional (CCSP)

• Preferred Certifications:

o CISSP-ISSEP

o CISSP-ISSAP

‍

Location & Clearance Requirements

• This position is hybrid and is required to be onsite 3 days a week in Washington, DC.

• Must be able to obtain a public trust clearance.

‍