Information Systems Security Engineer (ISSE) - New Cloud Technol

NDi is seeking an experienced Information Systems Security Engineer (ISSE) to support the secure implementation, assessment, and integration of new cloud technologies within a large-scale federal cybersecurity environment.

This position will focus on security engineering, authorization support, cloud security architecture, and compliance activities associated with emerging cloud platforms, cloud-native capabilities, and hybrid enterprise environments. The selected candidate will support secure adoption of modern technologies while ensuring compliance with federal cybersecurity requirements, enterprise security standards, and risk management practices.

The ideal candidate possesses strong cloud security expertise, hands-on cybersecurity engineering experience, and familiarity with modern cloud architectures supporting mission-critical federal systems., Cloud Security Engineering

Support secure implementation and integration of new cloud technologies and cloud-native solutions

Perform cloud security engineering and architecture support activities

Evaluate cloud technologies and recommend secure implementation strategies

Support development and implementation of cloud security controls and security baselines

Assist with secure cloud migration and modernization initiatives

RMF & Compliance Support

Support RMF authorization and accreditation activities for cloud-based systems

Develop and maintain cybersecurity documentation including:

System Security Plans (SSPs)

Security assessment documentation

POA&Ms

Risk assessments

Security control implementation evidence

Support continuous monitoring and compliance reporting activities

Vulnerability & Risk Management

Identify, assess, and coordinate remediation of cloud security vulnerabilities and risks

Support cloud vulnerability scanning, analysis, and mitigation activities

Evaluate security impacts associated with new technologies and cloud services

Coordinate with technical teams to resolve cybersecurity findings and deficiencies

Security Operations & Stakeholder Support

Collaborate with ISSOs, engineers, architects, and operations teams to maintain secure cloud environments

Support incident response and security investigation activities as required

Provide cybersecurity guidance and recommendations to stakeholders and leadership

Participate in technical working groups, design reviews, and modernization initiatives

U.S. Citizenship is required

Must possess an active Top Secret (TS) clearance at the time of application

Must have the ability to obtain and maintain a Counterintelligence (CI) Polygraph

Ability to obtain and maintain additional agency access as required, Bachelor's degree in Cybersecurity, Information Systems, Computer Science, Engineering, or related technical discipline; or equivalent combination of education, training, and experience

Master's degree preferred

Certifications

Required:

CISSP or CEH

Cloud certification

Professional Experience

Eight (8) or more years of experience supporting cybersecurity engineering, information assurance, or cloud security operations

Demonstrated experience implementing and supporting cloud security technologies in AWS, Azure, or hybrid cloud environments

Experience supporting NIST RMF processes and security authorization activities for cloud-based systems

Experience supporting secure cloud migrations, cloud-native architectures, and enterprise modernization initiatives

Experience with vulnerability management, security compliance, and continuous monitoring activities

Experience supporting enterprise Windows, Linux, virtualization, and cloud environments

Familiarity with modern DevSecOps and Infrastructure-as-Code (IaC) methodologies

Certifications, prior experience, and demonstrated expertise may be considered in lieu of traditional years of experience requirements where applicable.

Domain Expertise

Strong understanding of:

Cloud security architecture and engineering

NIST Risk Management Framework (RMF)

FedRAMP

FISMA compliance requirements

Continuous monitoring

Security authorization / ATO processes

Zero Trust concepts and implementation

Identity and access management (IAM)

Container and Kubernetes security

Experience supporting:

Cloud security assessments

Security control implementation and validation

Security architecture reviews

Vulnerability remediation

Risk assessments and mitigation planning

POA&M management

Familiarity with:

AWS GovCloud

Microsoft Azure Government

Infrastructure-as-Code tools

CI/CD pipelines

Security automation and orchestration

Endpoint and network security technologies

Skills & Competencies

Strong analytical and troubleshooting skills

Ability to evaluate emerging technologies and associated security risks

Strong written and verbal communication skills

Ability to work collaboratively across engineering, operations, and security teams

Experience supporting audits, inspections, and compliance reviews

Ability to manage multiple priorities in fast-paced technical environments

Strong documentation and reporting capabilities

Ability to communicate technical concepts to both technical and non-technical audiences, Experience supporting federal cloud modernization or enterprise cybersecurity programs

Experience with Zero Trust architecture implementation

Familiarity with Kubernetes, container security, and serverless technologies

Experience supporting classified or highly regulated environments

Familiarity with cloud-native logging, monitoring, and SIEM solutions

Experience supporting DevSecOps pipelines and automation frameworks