Information Systems Security Engineer (ISSE) - Mid
Role details
Job location
Tech stack
Job description
CGI Federal is seeking a Mid-Level Information Systems Security Engineer (ISSE) to support a large federal initiative. The Mid-Level ISSE is responsible for supporting the secure design, engineering, and integration of enterprise systems operating across hybrid cloud and on-premises environments. This role works closely with system architects, developers, ISSOs, and federal stakeholders to ensure systems are engineered in alignment with NIST security controls, RMF requirements, and agency-specific security standards.
The Mid-Level ISSE contributes to secure architecture analysis, control implementation, system hardening, compliance assessments, and configuration management activities throughout the system lifecycle.
Your future duties and responsibilities:
-
Support development and engineering of secure system architectures, including cloud, hybrid, and on-prem deployments.
-
Assist in designing, implementing, and validating security controls in accordance with NIST 800-53 and system-level requirements.
-
Contribute to system security plans, design documents, interface definitions, and engineering baselines.
-
Support threat modeling, system risk assessments, and engineering reviews.
-
Participate in technical evaluations for new technologies, tools, or system enhancements to improve security posture.
-
Assist in secure configuration reviews using STIGs, SCAP benchmarks, and system hardening guidance.
-
Collaborate with development, infrastructure, and operations teams to ensure secure integration across the system lifecycle.
-
Provide engineering support for RMF activities including control inheritance, boundary design, and system integration documentation.
-
Support testing activities including security functional testing, validation of implemented controls, and review of test results.
-
Coordinate with cross-functional teams to translate customer and mission requirements into secure engineering designs.
Requirements
-
Bachelor's degree in Cybersecurity, Information Systems, Computer Engineering, Software Engineering, or related technical field.
-
Minimum of 3-5 years of experience in cybersecurity engineering, systems engineering, or secure IT integration.
-
Active Top Secret (TS) clearance.
-
Working knowledge of:
-
Secure system architecture and design principles
-
NIST RMF lifecycle and security engineering processes (NIST 800-37, 800-160)
-
Implementing NIST 800-53 security controls
-
System hardening and secure configuration management
-
Familiarity with:
-
Cloud platforms (AWS, Azure, GovCloud)
-
Engineering tools such as Git, CI/CD pipelines, or DevSecOps processes
-
Common programming/scripting languages (e.g., PowerShell, Python, Bash)
-
Ability to analyze technical information, produce engineering documentation, and communicate effectively with cross-functional teams.
Preferred Certifications (Mid-Level Appropriate)
Preferred:
-
Security+ CE
-
CC (ISC2)
-
CEH
-
CompTIA CySANice to Have (Senior Path):
-
CASP+ CE
-
CISSP-Associate
-
GSEC
-
AWS/Azure security certifications
-
DoD 8140/8570 IAT/IASAE certifications
Technical Familiarity
-
STIG Viewer, SCAP Compliance Checker, and system hardening tools
-
ACAS/Nessus or similar vulnerability assessment tools
-
Secure network and system design fundamentals
-
Cloud security concepts and shared-responsibility models
-
Experience supporting secure engineering reviews, architecture diagrams, or solution design
-
Understanding of API security, data flows, and system integration patterns
-
Experience in version control and DevOps workflows (Git, Azure DevOps, or similar)