Lead Information Systems Security Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

ICS Nett, Inc. (ICS) · 19 hours ago

Lead Information Systems Security Engineer

positionSterling, VA
timeFull-time
remoteHybrid
seniorityLead/Staff
date8+ years exp

ICS Nett, Inc. is seeking a Lead Information Systems Security Engineer (ISSE) to provide technical leadership and hands-on security engineering support for federal cloud and enterprise systems. The role focuses on engineering security in cloud-based architecture and integrating security throughout the system lifecycle.

Information TechnologySoftware
badNo H1BnoteU.S. Citizen Onlynote

Responsibilities

Design and implementation of security mechanisms protecting IT and cloud solutions in Microsoft Azure and Amazon Web Services (AWS)
Integrate security requirements throughout the system development lifecycle, including applications, single and multi-purpose information systems, operating systems and CI/CD pipelines
Design and assess secure information systems and cloud architectures, including Azure and other cloud vendors
Highly experienced in designing the configuration of, NSGs, Azure Firewall, Private Endpoints security, and AZURE VNETs, subnets, routing tables, security groups, and network ACLs
Expert in assessing the effectiveness of implemented security mechanisms and configurations
Provide technical and engineering support to ISSOs performing A&A activities
Conduct security impact assessments for system, architecture, application, and configuration changes
Perform threat modeling to identify, analyze, and mitigate risks associated with application and infrastructure design changes
Integrate Supply Chain Risk Management (SCRM) activities aligned with NIST SP 800-161 into information system designs
Apply application security best practices, including secure coding principles, dependency management, and vulnerability remediation
Support DevSecOps practices by designing and integrating security controls, scanning, and monitoring at strategic points of the CI/CD pipeline prior to introduction to a production environment
Design and implement security best practices for containers, and Infrastructure as Code
Develop security architecture documentation, technical standards, and risk-based recommendations based on security designs
Mentor junior team members and provide technical guidance

Qualification

Cloud Security EngineeringAzure Networking ServicesNIST RMFCISSP CertificationDevSecOps PracticesThreat ModelingApplication SecurityKubernetesCommunication SkillsLeadership Skills

Required

Bachelor's degree in Cybersecurity, IT, Engineering, or related field
8-10+ years of senior cybersecurity engineer and 6 + years of verifiable ISSE experience
Strong networking experience, including TCP/IP, routing and switching, firewalls, VPNs, load balancing, and cloud networking
Demonstrated experience with Azure networking services
Experience with application security and DevSecOps in cloud-based environments
Strong knowledge of NIST RMF, FedRAMP, NIST SP 800-161, and NIAP/Common Criteria
Experience conducting security impact assessments and threat modeling
Experience with Kubernetes or other container technologies, and Infrastructure as Code preferred
Strong communication and leadership skills
CISSP or equivalent cybersecurity certification or equivalent
CCSP

Preferred

ISSEP
ISSAP

Company

ICS Nett, Inc. (ICS)

twittertwittertwitter
company-logo
ICS Nett is an information technology company specializing in supply chain management solutions.
dateFounded in 2003
location
Fairfax, Virginia, USA
people-size51-200 employees
web-link
http://ics-nett.com

Funding

Current Stage
Growth Stage
Company data provided by crunchbase