Career Opportunities

• Design, implement, and assess system-level security controls
• Integrate security requirements into system architectures and engineering efforts
• Support secure configuration and deployment of hardware and software systems
• Ensure compliance with cybersecurity policies and contractual requirements
• Collaborate with cross-functional teams to maintain system security posture

• Seven (7) years of experience as an ISSE on programs of similar scope, type, and complexity
• Bachelor’s degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline
• Four (4) additional years of ISSE experience may substitute for a bachelor’s degree
• DoD 8570/8140 compliance with IASAE Level II, IAM Level II, or higher required

• Ten (10) years of experience as an ISSE on programs of similar scope, type, and complexity
• Experience in at least two (2) of the following areas:
  • Current security tools
  • Hardware/software security implementation
  • Communication protocols
  • Encryption techniques and tools
• Bachelor’s degree in Computer Science or related discipline
• DoD 8570/8140 compliance with IASAE Level II, IAM Level II, or higher required
• US citizenship and an active TS/SCI with Polygraph security clearance required

• Provide management oversight for information assurance and cybersecurity programs
• Coordinate implementation of IT security policies and security control requirements
• Manage and maintain the operational security posture of systems and enclaves
• Oversee vulnerability management and risk assessment activities
• Manage configuration control and security-related change management processes
• Assess and document security impacts of system modifications
• Oversee preparation and review of SSPs, Risk Assessment Reports, and authorization packages
• Support and guide security authorization activities under RMF
• Provide leadership and oversight to ISSOs and engineering staff
• Interface directly with Government stakeholders to achieve cybersecurity objectives

• Ten (10) years of experience in security authorization and RMF-based environments
• Experience with security tools, hardware/software security implementation, encryption, and/or communication protocols
• Bachelor’s degree in Computer Science, Cyber Security, IT Engineering, or related field
• In lieu of a Bachelor’s degree, four (4) additional years of relevant experience may be substituted
• DoD 8570 / 8140 compliance with IAM Level II required

• Twelve (12) years of experience in security authorization
• Experience with security tools, authorization techniques, incident management, and enterprise security architecture
• Bachelor’s degree in Computer Science, Cyber Security, IT Engineering, or related field
• In lieu of a Bachelor’s degree, four (4) additional years of relevant experience may be substituted
• DoD 8570 / 8140 compliance with IAM Level III required
• US citizenship and an active TS/SCI with Polygraph security clearance required

• Strong working knowledge of NIST 800-53 and RMF processes
• Experience briefing senior leadership and government customers
• Familiarity with enterprise security architecture and system engineering integration
• Strong written and verbal communication skills

Responsibilities

• Support the program’s Information Assurance (IA) and cybersecurity posture by developing, implementing, and maintaining security policies, standards, and methodologies.
• Assist with the preparation, review, and maintenance of security documentation including System Security Plans (SSPs), Risk Assessment Reports, Certification & Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
• Evaluate security solutions to ensure compliance with requirements for processing classified information.
• Maintain configuration management (CM) of security-relevant software, hardware, and firmware, ensuring all changes are tracked and evaluated for security impact.
• Provide daily support to the Information System Security Manager (ISSM) in maintaining appropriate security posture for systems, programs, and enclaves.
• Conduct vulnerability and risk assessments to support certification and accreditation processes.
• Administer user identification and authentication mechanisms for assigned systems.
• Plan, coordinate, and enforce IT security programs, policies, and operational procedures.
• Maintain accurate records of system configurations, upgrades, and security controls for workstations, servers, routers, firewalls, and network devices.
• Develop and maintain documentation in accordance with ODNI and DoD policies, supporting ongoing NIST Risk Management Framework (RMF) compliance.
• Serve as the approval authority for information systems under assigned control.

Qualifications

• • Current security tools and techniques
  • Hardware/software security implementation
  • Communication protocols
  • Encryption techniques/tools

• • Four (4) additional years of ISSO experience may be substituted for a bachelor’s degree.
  • Certifications: DoD 8570 compliance with Information Assurance Management (IAM) Level I or higher (e.g., CAP, GSLC, or Security+ CE).

Preferred Skills

• Strong understanding of NIST RMF, DoD, and ODNI security policies and procedures.
• Proven experience performing risk assessments and managing security documentation.
• Excellent communication skills and the ability to work collaboratively across technical and non-technical teams.
• Detail-oriented, with a proactive approach to maintaining system compliance and security posture.
• US citizenship and an active TS/SCI with polygraph security clearance required

• Support implementation and enforcement of information systems security policies, standards, and methodologies
• Maintain operational security posture for assigned systems or programs
• Assist with management of security aspects of information systems and perform day-to-day security operations
• Evaluate security solutions to ensure compliance with classified processing requirements
• Perform vulnerability and risk assessment activities
• Support configuration management (CM) of security-relevant hardware, software, and firmware
• Manage changes to systems and assess associated security impacts
• Develop and maintain System Security Plans (SSPs), Risk Assessment Reports, and supporting authorization documentation
• Track user identification and authentication mechanisms
• Support system authorization activities under RMF

• Eight (8) years of combined work-related experience in IT, cybersecurity, or security authorization
• Bachelor’s degree in Computer Science, Cyber Security, IT Engineering, or related discipline
• In lieu of a Bachelor’s degree, four (4) additional years of relevant work-related experience may be substituted
• DoD 8570 / 8140 compliance with IAM Level I required

• Ten (10) years of combined work-related experience in IT, cybersecurity, or security authorization
• Bachelor’s degree in Computer Science, Cyber Security, IT Engineering, or related discipline
• In lieu of a Bachelor’s degree, four (4) additional years of relevant work-related experience may be substituted
• DoD 8570 / 8140 compliance with IAM Level I required
• US citizenship and an active TS/SCI with Polygraph security clearance required

• Maintain and oversee system security posture and compliance
• Implement and manage security controls and authorization processes
• Apply knowledge of security tools, encryption technologies, and communication protocols
• Support hardware and software security implementation
• Collaborate with engineering and operational teams to address vulnerabilities and risk
• Ensure systems meet applicable DoD cybersecurity requirements

• Ten (10) years of experience as an ISSO on programs of similar scope, type, and complexity
• Experience in at least two (2) of the following areas:
  • Current security tools
  • Hardware/software security implementation
  • Communication protocols
  • Encryption techniques and tools
• Bachelor’s degree in Computer Science or related discipline
• DoD 8570/8140 compliance with IAM Level I or higher required

• Fifteen (15) years of experience as an ISSO on programs of similar scope, type, and complexity
• Experience in at least three (3) of the following areas:
  • Current security tools
  • Hardware/software security implementation
  • Communication protocols
  • Encryption techniques and tools
• Bachelor’s degree in Computer Science or related discipline
• Four (4) additional years of ISSO experience may substitute for a bachelor’s degree
• DoD 8570/8140 compliance with IAM Level I or higher required
• US citizenship and an active TS/SCI with Polygraph security clearance required

• Maintain and oversee system security posture and compliance
• Implement and manage security controls and authorization processes
• Apply knowledge of security tools, encryption technologies, and communication protocols
• Support hardware and software security implementation
• Collaborate with engineering and operational teams to address vulnerabilities and risk
• Ensure systems meet applicable DoD cybersecurity requirements

• Ten (10) years of experience as an ISSO on programs of similar scope, type, and complexity
• Experience in at least two (2) of the following areas:
  • Current security tools
  • Hardware/software security implementation
  • Communication protocols
  • Encryption techniques and tools
• Bachelor’s degree in Computer Science or related discipline
• DoD 8570/8140 compliance with IAM Level I or higher required

• Fifteen (15) years of experience as an ISSO on programs of similar scope, type, and complexity
• Experience in at least three (3) of the following areas:
  • Current security tools
  • Hardware/software security implementation
  • Communication protocols
  • Encryption techniques and tools
• Bachelor’s degree in Computer Science or related discipline
• Four (4) additional years of ISSO experience may substitute for a bachelor’s degree
• DoD 8570/8140 compliance with IAM Level I or higher required
• US citizenship and an active TS/SCI with Polygraph security clearance required

• Design and secure complex system and network architectures that span multiple enclaves with varying classification levels
• Create, review, and maintain security authorization documentation in alignment with DoD and federal cybersecurity policies
• Implement and guide the team through the Risk Management Framework (RMF) accreditation lifecycle; prior DIACAP experience is acceptable
• Perform in-depth assessments of open-source, GOTS, and COTS software for security risks and integration viability
• Utilize and interpret results from vulnerability management platforms and automated security scanning tools
• Recommend and validate system-level mitigations to meet required security postures and accreditation criteria
• Collaborate with development and infrastructure teams to ensure secure design and implementation practices across cloud-based big data systems
• Support government efforts in securing trust boundaries and interconnection agreements with external systems
• Contribute to the establishment and optimization of defensible security processes where existing policy is absent
• Apply knowledge of IA policy and enterprise cybersecurity architecture to secure networks, compute environments, and enclave systems
• Facilitate productive engagement with multidisciplinary teams and stakeholders across technical and policy domains

• 9+ years as an ISSE on large-scale, multi-tiered programs
• Bachelor's degree in a related field; or 7+ years with a Master’s degree; or 13+ years with a high school diploma or equivalent
• Strong working knowledge of TCP/IP, networking fundamentals, and common enterprise architectures
• DoD 8570 compliance at IAT Level II (Security+, SSCP, CCNA-Security, or GSEC required)
• Experience with DISA STIGs/SRGs, system hardening, and compliance tools and workflows
• Familiarity with RMF accreditation packages, POA&Ms, and eMASS or similar A&A systems
• Hands-on experience using security scanning tools and interpreting scan results to drive mitigation strategies
• US citizenship and an active TS/SCI with CI Polygraph security clearance required

• CISSP-ISSEP certification strongly preferred

• Design, develop, and maintain reusable frameworks, libraries, APIs, and reference implementations that integrate applications with zero trust identity and access services
• Create developer documentation, integration guides, and best practices to streamline adoption of security services by product teams
• Implement and support fine-grained authorization approaches (e.g., entitlements, row-level security, ABAC) and align them to business policies
• Collaborate with architects and platform engineers to ensure security services meet performance, usability, resilience, and compliance objectives
• Conduct design and code reviews; coach development teams on secure coding, identity integration, and threat-informed design patterns
• Evaluate emerging zero trust and identity/access technologies and recommend improvements to architecture, tooling, and developer experience

• US citizenship with an active TS/SCI with CI Polygraph required
• Minimum 7 years of professional experience in software engineering, security engineering, or closely related roles
• Bachelor’s degree in Computer Science, Engineering, or a related field (experience may be considered in lieu of a degree)
• Hands-on experience designing and deploying application components on AWS in IL6+ classified environments
• Proven experience implementing modern authentication and authorization standards (OAuth 2.0, OpenID Connect, SAML)
• Expertise with fine-grained access control models (entitlements, row-level security, ABAC)
• Strong proficiency in at least one programming language (Java, Go, or Python) for building frameworks, SDKs, and platform services
• Working knowledge of zero trust architecture and principles, including identity-centric security and least-privilege access
• Experience authoring developer documentation, integration guides, and reference implementations
• Solid understanding of secure coding practices, SDLC security, and integrating security controls into CI/CD pipelines

• Experience with enterprise identity platforms (e.g., AWS Cognito, Azure AD, Keycloak) and policy engines (e.g., OPA, Cedar)
• Background with authorization-as-a-service patterns, token exchange, and policy-based access control in microservices
• Familiarity with DISA STIGs/SRGs and compliance workflows in classified environments
• Contributions to internal SDKs, developer portals, or platform engineering products that improve developer productivity

• Design, develop, and maintain reusable frameworks, libraries, APIs, and reference implementations that integrate applications with zero trust identity and access services
• Create developer documentation, integration guides, and best practices to streamline adoption of security services by product teams
• Implement and support fine-grained authorization approaches (e.g., entitlements, row-level security, ABAC) and align them to business policies
• Collaborate with architects and platform engineers to ensure security services meet performance, usability, resilience, and compliance objectives
• Conduct design and code reviews; coach development teams on secure coding, identity integration, and threat-informed design patterns
• Evaluate emerging zero trust and identity/access technologies and recommend improvements to architecture, tooling, and developer experience

• US citizenship with an active TS/SCI with CI Polygraph required
• Minimum 7 years of professional experience in software engineering, security engineering, or closely related roles
• Bachelor’s degree in Computer Science, Engineering, or a related field (experience may be considered in lieu of a degree)
• Hands-on experience designing and deploying application components on AWS in IL6+ classified environments
• Proven experience implementing modern authentication and authorization standards (OAuth 2.0, OpenID Connect, SAML)
• Expertise with fine-grained access control models (entitlements, row-level security, ABAC)
• Strong proficiency in at least one programming language (Java, Go, or Python) for building frameworks, SDKs, and platform services
• Working knowledge of zero trust architecture and principles, including identity-centric security and least-privilege access
• Experience authoring developer documentation, integration guides, and reference implementations
• Solid understanding of secure coding practices, SDLC security, and integrating security controls into CI/CD pipelines

• Experience with enterprise identity platforms (e.g., AWS Cognito, Azure AD, Keycloak) and policy engines (e.g., OPA, Cedar)
• Background with authorization-as-a-service patterns, token exchange, and policy-based access control in microservices
• Familiarity with DISA STIGs/SRGs and compliance workflows in classified environments
• Contributions to internal SDKs, developer portals, or platform engineering products that improve developer productivity

• Supports information assurance programs for systems, enclaves, organizations, and programs
• Proposes, coordinates, implements, and enforces information systems security policies, standards, and methodologies
• Maintains the operational security posture to ensure compliance with established security policies and procedures
• Manages security aspects of information systems and performs day-to-day security operations
• Evaluates security solutions to ensure compliance with requirements for processing classified information
• Conducts vulnerability and risk assessments to support certification and accreditation activities
• Provides configuration management for security-related software, hardware, and firmware
• Manages system changes and assesses associated security impacts
• Prepares and reviews security documentation, including SSPs, Risk Assessment Reports, C&A packages, and SRTMs
• Supports security authorization activities in accordance with the NIST Risk Management Framework (RMF)

• A minimum of ten (10) years of experience serving as an Information Systems Security Officer (ISSO) on programs and contracts of comparable scope, complexity, and type is required. This experience must include at least two (2) of the following areas: familiarity with current security tools; hardware and software security implementations; communication protocols; and encryption techniques and tools
• A bachelor’s degree in computer science or a related field from an accredited college or university is required.
• DoD 8570 compliance at the Information Assurance Management (IAM) Level I or higher is also required.
• US citizenship and an active security clearance required