Information System Security Engineer (ISSE) - Hybrid

About Coalfire

Coalfire Federal is a market leading cybersecurity consultancy firm that provides independent and tailored advice, assessments, technical testing and a full suite of cyber engineering services to Federal agency customers.  Coalfire Federal along with its parent company, Coalfire, has an unparalleled client list with deep customer relationships with leading cloud and technology providers including Amazon, Microsoft, IBM, Google and Oracle and Federal agencies.  Coalfire has been a cybersecurity thought leader for over 20 years and has offices throughout the United States and Europe and is committed to making the world a safer place by solving our clients’ toughest security challenges. 

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.  

We’re currently seeking a Mid-level Information System Security Engineer (ISSE) to support our team in Washington, D.C. Open to local candidates in the Washington, D.C. / Northern VA / Maryland areas. 

Position Summary 

The mid-level Information System Security Engineer will provide services related to the enhancement, expansion, or consolidation of cybersecurity information assurance support. Support may include activities such as the systematic transfer of cybersecurity monitoring or incident response workloads to designated operations centers, or (in the case of newly identified threats or vulnerabilities) providing initial support to address and mitigate the impact of such threats.

Location Details

Hybrid - 3 days on government client site

What you'll do

• The ISSE’s responsibilities include security oversight of system deployments, system and component configuration, monitoring and reporting. This position will have a role in performing security impact assessments, security testing, and working with operations and development teams on remediation and mitigation of findings.
• The ISSE’s primary role will be to provide support to planning, designing and implementing security controls which safeguard and monitor events for information systems, enterprise applications and data.
• The ISSE shall provide information system security engineering support to verify and validate proposed architectures and implementations based on sound security engineering principles and practices. ISSE should have experience performing IT product security specification reviews and have prior experience in creating Security baselines for Information systems and must perform a Security Impact analysis for all exceptions or deviations.
• Identify security requirements and provide input to the system design to ensure the proper controls are built-in;
• Participate in planning and executing in the system development life cycle of new system cycles;
• Conduct risk analysis and update the risk assessment report for all changes to the FISMA systems; and provide a security impact analysis to include but not limited to the change to the overall system risk rating and posture and documentation that is impacted requiring updates.

What you'll bring

• Understanding of the NIST Risk Management Framework and associated special publications (800-37, 800-53, etc
• Understanding of cloud solutions e.g. IaaS, PaaS, and SaaS
• Cloud related experience and or certifications
• Communication, written, verbal
• JCAM experience preferred

Education 

Completed Bachelor’s degree from an accredited university, preferably in an IT related field.

Clearance / Suitability 

Ability to obtain a clearance or a Public Trust is preferred, however all clearance levels and non-cleared applicants will also be considered.

Certifications One or more of the following must be active and verifiable: CISM, CISA, GSLC, or Security +

A completed CISSP is preferred. 

Years of Experience 

At minimum 5 years of ISSE experience in the cybersecurity / IT space is required

Bonus Points

• NIST Cybersecurity Framework experience
• Familiarity with AI tools and governance
• Experience with process improvement, documenting procedures and workflow

Why you'll want to join us

Our people make Coalfire Federal great. We work together on interesting things and achieve exceptional results. We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve.

Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets. Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more.

You’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support memberships, and comprehensive insurance options.  

Coalfire is an EEO employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.