HTX Labs · 3 days ago

Information Systems Security Engineer (ISSE)

United States

Contract

Remote

Mid, Senior Level

5+ years exp

Maximize your interview chances

SimulationSoftware

Insider Connection @HTX Labs

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

This position will be responsible for developing and maintaining Authority to Operate (ATO) security control requirements.

Responsible for developing and maintaining CMMC security control requirements.

Design, develop, and implement robust security architectures and solutions for information systems and networks.

Conduct security assessments, threat modeling, and risk analysis to identify vulnerabilities and potential threats.

Collaborate with system owners, IT teams, and other stakeholders to integrate security requirements into systems development processes.

Develop and maintain system security plans (SSPs), security controls, and configuration baselines.

Perform continuous monitoring of information systems and ensure compliance with established security policies, standards, and frameworks (e.g., NIST, RMF, FedRAMP).

Participate in security control testing and evaluations to validate compliance and effectiveness.

Prepare and present security authorization documentation, risk assessments, and mitigation strategies.

Serve as a technical subject matter expert (SME) on cybersecurity best practices, tools, and technologies.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Information System Security OfficerInformation System Security EngineerDoD Risk Management FrameworkCybersecurity Maturity Model CertificationIAM Level I certificationCertified Information Systems Security ProfessionalCloud environmentsMicrosoft AzureNIST SP 800-53NIST RMFAzure security toolsPowerShellAzure CLIPythonBashJSONAzure DevOpsCI/CD pipelinesMulti-cloud environmentsAWS security

Required

Experience as an Information System Security Officer (ISSO) and/or Information System Security Engineer (ISSE) using the DoD Risk Management Framework (RMF) or CMMC

IAM Level I certification commensurate with DoD 8570.1M requirements, Certified Information Systems Security Professional (CISSP) certification preferred

5-7 years of experience working in Information Technology (IT), demonstrating a strong proficiency in managing technology systems and solutions

At least 1 year experience supporting cybersecurity efforts through the DoD RMF process or CMMC accreditation

1-2 years of experience with cloud environments, preferably Microsoft Azure

Educational degree in Cybersecurity, Computer Science, Information Technologies, etc.

Effective organizational, time management, and communications skills (written and verbal)

Preferred

Strong knowledge of NIST SP 800-53, NIST RMF, CMMC levels, and cloud-specific security best practices.

Proficiency in Azure security tools, encryption, access control, and Azure-specific risk management practices.

Experience in using PowerShell, Azure CLI, and scripting languages such as Python or Bash for automating security tasks and managing resources in Azure environments, as well as proficiency in JSON for implementing Infrastructure as Code (IaC) and security configurations

Certifications such as Azure Security Engineer Associate, or Azure Solutions Architect Expert are preferred.

Experience integrating security in Azure DevOps and CI/CD pipelines.

Familiarity with multi-cloud or hybrid environments, Azure or AWS security.

Strong analytical and problem-solving skills, with the ability to communicate complex security issues to technical and non-technical stakeholders.