Information Systems Security Engineer (ISSE)

Amazon.com, Inc.
Washington, United States of America
14 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Washington, United States of America

Tech stack

Kubernetes Security
Amazon Web Services (AWS)
Azure
Cloud Computing
Cloud Computing Security
CompTIA Security+
Computer Security
Information Systems
Continuous Integration
Virtual Private Networks (VPN)
Network Security
Routing
Systems Development Life Cycle
Secure Coding
Systems Integration
TCP/IP
Software Vulnerability Management
Load Balancing
Cloud Platform System
Software Security
Firewalls (Computer Science)
Infrastructure as Code (IaC)
Containerization
Kubernetes
Information Technology
Devsecops

Job description

STAFFXPERT LLC is seeking an Information Systems Security Engineer (ISSE) on behalf of our client in Washington, DC. This role is ideal for a cybersecurity professional with expertise in cloud security, security architecture, DevSecOps, and federal compliance frameworks. The selected candidate will play a key role in securing enterprise and cloud environments, supporting system authorization activities, and integrating security throughout the system development lifecycle. Key Responsibilities

  • Design and implement security controls for enterprise and cloud-based environments, including Microsoft Azure and AWS.
  • Integrate security requirements throughout the System Development Life Cycle (SDLC), covering applications, operating systems, information systems, and CI/CD pipelines.
  • Design, evaluate, and secure cloud and enterprise architectures.
  • Configure and secure Azure networking components, including Virtual Networks (VNets), Network Security Groups (NSGs), Azure Firewall, Private Endpoints, routing tables, and access control mechanisms.
  • Assess the effectiveness of implemented security controls and configurations.
  • Support security authorization and accreditation activities through technical security engineering expertise.
  • Conduct security impact assessments for system, application, architecture, and configuration changes.
  • Perform threat modeling and risk analysis to identify and mitigate potential security vulnerabilities.
  • Implement Supply Chain Risk Management (SCRM) practices aligned with industry standards.
  • Apply application security best practices, including secure coding principles, dependency management, and vulnerability remediation.
  • Support DevSecOps initiatives by integrating security controls, scanning, monitoring, and automation within CI/CD pipelines.
  • Implement security best practices for containerized environments and Infrastructure as Code (IaC).
  • Develop security architecture documentation, technical standards, and risk-based security recommendations., * Work on mission-critical cloud and enterprise security initiatives.
  • Collaborate with experienced cybersecurity and engineering professionals.
  • Gain exposure to modern cloud security, DevSecOps, and security architecture practices.
  • Contribute to the design and protection of complex enterprise systems.

Requirements

  • Bachelor's degree in Cybersecurity, Information Technology, Engineering, Computer Science, or a related field.

  • 6+ years of experience in cybersecurity or information security.

  • 2+ years of experience in an Information Systems Security Engineering (ISSE) capacity.

  • Strong knowledge of networking concepts, including TCP/IP, routing and switching, firewalls, VPNs, load balancing, and cloud networking.

  • Hands-on experience with Azure networking and cloud security services.

  • Experience implementing application security and DevSecOps practices in cloud environments.

  • Strong understanding of security and compliance frameworks, including:

  • NIST Risk Management Framework (RMF)

  • FedRAMP

  • NIST SP 800-161

  • NIAP / Common Criteria

  • Experience conducting security impact assessments and threat modeling.

  • Excellent analytical, problem-solving, and communication skills., * Professional cybersecurity certifications such as CISSP, CCSP, Security+, Azure Security Engineer, AWS Security Specialty, or equivalent.

  • Experience with Kubernetes, container security, and Infrastructure as Code technologies.

  • Experience supporting highly regulated or enterprise-scale environments.

  • Familiarity with cloud-native security monitoring, automation, and compliance tooling.

About the company

STAFFXPERT LLC partners with organizations to deliver high-quality hiring solutions across industries. We specialize in connecting skilled professionals with the right opportunities, ensuring an optimal fit for both clients and candidates. Learn more at

Apply for this position