Senior Security Engineer

1 Source Consulting, Inc.
Upper Marlboro, United States of America
17 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Upper Marlboro, United States of America

Tech stack

Software System Penetration Testing
Systems Engineering
Cloud Computing
Computer Security
Multi-Factor Authentication
Monitoring of Systems
Identity and Access Management
Role-Based Access Control
Zero Trust Network Access
Security Content Automation Protocol
Security Information and Event Management
Software Engineering
Systems Architecture
Software Vulnerability Management
SARS Software Products
Information Technology
Nessus
Splunk
Devsecops
Static Application Security Testing
Vulnerability Analysis
Dynamic Application Security Testing

Job description

The Senior Security Engineer will be responsible for designing, implementing, and maintaining cybersecurity solutions to protect mission applications and IT infrastructure. This role ensures compliance with DoD and Intelligence Community (IC) security requirements while enabling operational effectiveness through secure system engineering and continuous monitoring. The candidate will act as a key contributor to cybersecurity architecture, Risk Management Framework (RMF) compliance, and DevSecOps integration within highly classified environments., Cybersecurity Engineering

  • Design, implement, and maintain security controls for mission systems across cloud and on-prem environments.
  • Engineer solutions for network, endpoint, application, and data protection.
  • Support secure system architecture aligned with DoD and IC directives.

RMF & Compliance

  • Lead and support Risk Management Framework (RMF) activities:
  • System categorization, control selection, implementation, assessment, and authorization
  • Ensure compliance with:
  • NIST SP 800-53
  • ICD 503
  • DoD Cloud SRG
  • Develop and maintain security documentation (SSPs, POA&Ms, SARs).

Security Assessment & Authorization

  • Coordinate with Authorizing Officials (AOs), ISSOs, and ISSMs.
  • Conduct and support:
  • Security control assessments
  • Vulnerability assessments and penetration testing remediation
  • Support continuous ATO (cATO) processes.

DevSecOps Integration

  • Integrate security controls into CI/CD pipelines.
  • Implement automated security scanning tools:
  • SAST, DAST, container scanning, IaC security
  • Support secure software development lifecycle (SSDLC) practices.

Vulnerability Management

  • Monitor and remediate vulnerabilities using tools such as:
  • ACAS, Nessus, SCAP tools
  • Analyze findings and prioritize mitigation strategies.
  • Maintain compliance with vulnerability remediation timelines.

Identity & Access Management (IAM)

  • Implement ICAM solutions supporting:
  • Role-Based Access Control (RBAC)
  • Privileged Access Management (PAM)
  • Support multi-factor authentication (MFA) and Zero Trust principles.

Incident Response & Monitoring

  • Support security incident detection, analysis, and response.
  • Work with Security Operations Center (SOC) teams.
  • Implement and maintain monitoring tools (e.g., SIEM solutions like Splunk, ELK).

Requirements

Do you have experience in Intelligence community?, Do you have a Bachelor's degree?, * Education: Bachelor's degree in Cybersecurity, Computer Science, or related field.

  • Experience:
  • 8+ years in cybersecurity engineering or related roles
  • Experience supporting DoD or IC environments
  • Strong understanding of system security engineering principles.

Security Clearance

  • Active Top Secret (TS) clearance required
  • SCI eligibility required (TS/SCI preferred)

Apply for this position