Senior Information Systems Security Engineer

As a Senior Information Systems Security Engineer, you will serve as a senior technical contributor for the cybersecurity posture, compliance framework, and risk management initiatives. Core responsibilities include:

• Support the program's cyber-risk reduction and vulnerability mitigation.
• Performs continuous scanning, patching, and exposure reduction activities.
• Maintains ATO compliance and strengthens security governance.
• Expands security automation to improve resilience and consistency.
• Collaborate with infrastructure and engineering teams to ensure vulnerability mitigation and scanning tools are embedded in design.
• Evaluate risk and document compliance baselines to strengthen overall system security governance.
• Participate in technical reviews to continuously analyze and mitigate vulnerabilities across the environment.
• Support automation implementation and continuous monitoring of security controls within cloud environments.
• Work with product managers to plan security compliance and prioritize scanning, patching, and risk reduction tasks.
• Facilitate documentation required to maintain secure interconnections and preserve ATO compliance status.
• Support Product Teams in preparing for cyber assessments to proactively validate vulnerability mitigation and security posture.

High School with 9+ years (or commensurate experience), * Certifications: DoD 8570 IAT Level II or higher (e.g., Security+ CE, CySA+, etc).

• Experience focused on cyber-risk reduction, vulnerability mitigation, and maintaining compliance frameworks.
• Demonstrated technical experience performing continuous scanning, risk analysis, and endpoint patching workflows.
• Working knowledge of risk reduction governance, baseline compliance frameworks, and security automation principles.
• Ability to collaborate effectively with engineers to translate technical system configurations into risk reduction strategies.

Clearance Level: Must have an active Secret clearance

Preferred Skills & Experience

• Prior experience supporting software modernization programs through continuous scanning and automated exposure reduction.
• Advanced baseline cybersecurity certifications focused on governance and risk mitigation (e.g., CCISO, CISM, CISSP, or GSLC).
• Strong written communication skills to articulate risk metrics, vulnerability statuses, and compliance posture to leadership.