Information Systems Security Engineer (ISSE)
Role details
Job location
Tech stack
Job description
STAFFXPERT LLC is seeking an Information Systems Security Engineer (ISSE) on behalf of our client in Washington, DC. This role is ideal for a cybersecurity professional with expertise in cloud security, security architecture, DevSecOps, and federal compliance frameworks. The selected candidate will play a key role in securing enterprise and cloud environments, supporting system authorization activities, and integrating security throughout the system development lifecycle. Key Responsibilities
- Design and implement security controls for enterprise and cloud-based environments, including Microsoft Azure and AWS.
- Integrate security requirements throughout the System Development Life Cycle (SDLC), covering applications, operating systems, information systems, and CI/CD pipelines.
- Design, evaluate, and secure cloud and enterprise architectures.
- Configure and secure Azure networking components, including Virtual Networks (VNets), Network Security Groups (NSGs), Azure Firewall, Private Endpoints, routing tables, and access control mechanisms.
- Assess the effectiveness of implemented security controls and configurations.
- Support security authorization and accreditation activities through technical security engineering expertise.
- Conduct security impact assessments for system, application, architecture, and configuration changes.
- Perform threat modeling and risk analysis to identify and mitigate potential security vulnerabilities.
- Implement Supply Chain Risk Management (SCRM) practices aligned with industry standards.
- Apply application security best practices, including secure coding principles, dependency management, and vulnerability remediation.
- Support DevSecOps initiatives by integrating security controls, scanning, monitoring, and automation within CI/CD pipelines.
- Implement security best practices for containerized environments and Infrastructure as Code (IaC).
- Develop security architecture documentation, technical standards, and risk-based security recommendations., * Work on mission-critical cloud and enterprise security initiatives.
- Collaborate with experienced cybersecurity and engineering professionals.
- Gain exposure to modern cloud security, DevSecOps, and security architecture practices.
- Contribute to the design and protection of complex enterprise systems.
Requirements
-
Bachelor's degree in Cybersecurity, Information Technology, Engineering, Computer Science, or a related field.
-
6+ years of experience in cybersecurity or information security.
-
2+ years of experience in an Information Systems Security Engineering (ISSE) capacity.
-
Strong knowledge of networking concepts, including TCP/IP, routing and switching, firewalls, VPNs, load balancing, and cloud networking.
-
Hands-on experience with Azure networking and cloud security services.
-
Experience implementing application security and DevSecOps practices in cloud environments.
-
Strong understanding of security and compliance frameworks, including:
-
NIST Risk Management Framework (RMF)
-
FedRAMP
-
NIST SP 800-161
-
NIAP / Common Criteria
-
Experience conducting security impact assessments and threat modeling.
-
Excellent analytical, problem-solving, and communication skills., * Professional cybersecurity certifications such as CISSP, CCSP, Security+, Azure Security Engineer, AWS Security Specialty, or equivalent.
-
Experience with Kubernetes, container security, and Infrastructure as Code technologies.
-
Experience supporting highly regulated or enterprise-scale environments.
-
Familiarity with cloud-native security monitoring, automation, and compliance tooling.