Information Security Specialist

MAXISIQ, Inc.
Fort Meade, United States of America
23 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Fort Meade, United States of America

Tech stack

Microsoft Windows
Agile Methodologies
Ubuntu (Operating System)
Computer Security
Information Systems
Linux
VMware ESX Servers
Networking Hardware
Python
Linux System Administration
Logical Security
Windows Domain
Package Management Systems
Systems Development Life Cycle
Red Hat Enterprise Linux - RHEL
Ansible
Security Software
Software Engineering
Virtualization Technology
Software Vulnerability Management
Scripting (Bash/Python/Go/Ruby)
Juniper
Containerization
CIS Benchmarks
Cisco networks
Docker
Vulnerability Analysis
VMware

Job description

MAXISIQ is seeking a highly skilled Information Security Specialist / Information Systems Security Engineer (ISSE) to maintain responsibility for all duties in support of Department of Defense (DoD), Risk Management Framework (RMF), and Intelligence Community Directive (ICD) 503, while applying strong security engineering principles and hands-on technical expertise. In addition to intermediate to advanced knowledge of NIST SP 800-53 security controls and CNSSI 1253, this role emphasizes engineering experience across system hardening, automation, and vulnerability remediation. You will provide systems security engineering and architecture principles in support of RMF, including specification, design, development, implementation, and modification of information system components. The successful candidate will not only select, tailor, and implement NIST SP 800-53 security controls for RMF Assessment and Authorization (A&A) but also actively engineer solutions to remediate vulnerabilities and improve system security posture. Key responsibilities include:

  • Develop layered protections and establish cybersecurity SOPs or guidelines for authorization boundaries.
  • Apply system development life cycle principles such as Agile (preferred).
  • Perform vulnerability management and implement fix actions across Windows, Linux/Unix, and containerized environments.
  • Engineer and automate security configurations using tools such as Ansible and scripting in Python.
  • Implement and maintain DISA STIGs and CIS Benchmarks across diverse platforms, including RHEL, Ubuntu, Windows operating systems, VMware/ESXi, and 3rd-party applications, as well as network devices such as Cisco (NXOS, ASRs, IOS-XE, ASA) and Juniper.
  • Manage Linux administration and package management, as well as Windows Domain Controller compliance.
  • Support container security engineering with Docker and related technologies.
  • Conduct vulnerability scans using ACAS, interpret results, and drive remediation efforts.
  • Collaborate with developers to ensure secure coding practices and integrate security into CI/CD pipelines.
  • Delineate physical and logical security boundaries for systems and networks.
  • Ensure software developers are trained on secure software development practices.
  • Generate and interpret vulnerability scans, implement STIGs and CIS Benchmarks, and support RMF Continuous Monitoring activities, including remediating and/or mitigating findings on system POA&Ms.
  • Provide guidance on encryption techniques and tools as part of system security engineering.

Requirements

  • 8+ years as an Information Systems Security Engineer or Security Engineer with RMF experience.
  • Possess working knowledge of cybersecurity tools, such as ACAS, DISA STIGs/SCAPs/CIS Benchmarks.
  • Hands-on experience with vulnerability management and remediation across multiple operating systems.
  • Proficiency with automation tools (Ansible) and scripting (Python).
  • Working knowledge of virtualization platforms (VMware/ESXi) and container technologies (Docker).
  • Familiarity with network device hardening and STIG implementation for Cisco and Juniper platforms.
  • Experience applying DISA STIGs, SCAPs, and CIS Benchmarks.
  • Top Secret/SCI Security Clearance.
  • Bachelor's degree from an accredited college or university.
  • Security Architect certifications IAW DoD Directive 8140.01 (e.g., CompTIA CASP, Cisco CCSP, SANS GSEC).

About the company

Since 2006, MAXISIQ has advanced the state of Cyber RDT&E by bringing together industry expertise in software, hardware, communications and security, and leveraging decades of operational experience to deliver exceptional value to communities and the critical missions they support. Join us where we innovate, develop smarter solutions, technologies, services, and actionable capabilities for our clients- right when they need it most.

Apply for this position