Apply on Employer Site

ECS · 14 hours ago

Information System Security Engineer SME

Washington, DC

Full-time

Onsite

Senior Level, Lead/Staff

$175K/yr - $190K/yr

10+ years exp

ECS is seeking an experienced Information System Security Engineer (ISSE) - SME to join our team as an expert in designing, implementing, and maintaining secure information systems. The successful candidate will have a strong background in security engineering, architecture, and risk management, focusing on protecting sensitive information and systems.

Artificial Intelligence (AI)Cloud InfrastructureComplianceConsultingCyber SecurityInformation TechnologyMachine LearningSecuritySoftware

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Lead, mentor, and supervise a team of security professionals responsible for the end-to-end implementation of the RMF lifecycle for Enterprise IT systems

Oversee and coordinate activities within the Prepare step, ensuring roles, responsibilities, and risk management strategies are clearly defined and maintained

Guide system categorization efforts to ensure all information systems are appropriately classified based on mission/business impact and regulatory requirements

Direct the selection, tailoring, and documentation of security controls aligned with system categorizations, Enterprise risk appetite, and compliance requirements

Oversee the implementation of technical, operational, and management controls throughout system and application lifecycles, with a particular focus on quality and completeness of all deliverables

Ensure comprehensive security control assessments are planned, executed, and documented to validate the effectiveness of implemented safeguards

Prepare risk management documentation for system authorization and executive decision making

Direct ongoing monitoring and continuous assessment activities, collecting metrics to adjust security strategies and ensure sustained compliance

Serve as a principal technical advisor on cybersecurity, bringing subject-matter expertise to risk analysis, incident response, system remediation, and audit support efforts

Foster a culture of security awareness, providing technical guidance and training to both team members and stakeholders

Track, report, and communicate status, risks, and improvement opportunities related to security engineering activities to leadership and stakeholders

Maintain up-to-date knowledge of RMF, NIST guidance, and industry best practices in support of continuous process improvement

Qualification

GRCRMF toolsCISSP certificationCASP certificationCSSLP certificationISSEP certificationISSAP certificationJCAMCSAMXactaBachelor's degreeAdvanced degreeSoft skills

Required

Security Clearance: Top Secret (TS) with SCI eligibility

10+ years of progressive technical security engineering experience to include use of GRC and RMF tools

Hold at least one of the following certifications: Certified Information Systems Security Professional (CISSP) (or Associate); CompTIA Advanced Security Practitioner (CASP) CASP CE; Certified Secure Software Lifecycle Professional (CSSLP); CISSP- Information System Security Engineering Professional (ISSEP); or CISSP- Information System Security Architecture Professional (ISSAP)

Minimum 10 years' experience, or equivalent education/experience; Doctorate plus 6 years; Master's plus 6 years; Associates plus 10 years; or H.S./GED plus 14 years

Preferred

A bachelor's and/or advanced degree in computer science, business management, or IT-related discipline

Experience working within JCAM and/or CSAM

Experience working with Xacta

Company

ECS

Glassdoor3.6

ECS is a fast-growing 4,000-person, $1.2B provider of advanced technology solutions for federal civilian, defense, intelligence, and commercial customers.

Founded in 2001

Fairfax, Virginia, USA

1001-5000 employees