Information System Security Engineer

TLA is seeking an Information System Security Engineer (ISSE). This is a critical role responsible for designing, developing, implementing, and maintaining secure information systems and networks. The ISSE ensures that security requirements are effectively integrated into systems throughout their entire lifecycle, from design to disposal. This position involves close collaboration with system owners, developers, and other stakeholders to identify vulnerabilities, assess risks, and implement robust security controls in accordance with industry standards and regulatory frameworks such as the NIST Risk Management Framework (RMF) and DoD 8570/8140 guidelines.
• Security Architecture and Design: Design, develop, and implement network and system security measures that provide confidentiality, integrity, availability, authentication, and non-repudiation.
• Risk Management: Assess and mitigate system security threats and risks throughout the program life cycle, including performing technical security assessments and vulnerability analyses.
• Compliance and Documentation: Ensure systems comply with applicable security policies, standards, and methodologies (e.g., NIST, DoD, FISMA). Prepare and maintain security documentation, including System Security Plans (SSPs), Plan of Action and Milestones (POA&Ms), and security assessment reports.
• Testing and Validation: Plan and conduct security verification testing, using tools like vulnerability scanners (e.g., Nessus, ACAS) to identify weaknesses and ensure controls are in place and effective.
• Operational Support and Incident Response: Monitor systems for irregular behavior, support security incident response activities, and manage changes to systems while assessing their security impact.
• Collaboration and Guidance: Serve as a subject matter expert, providing guidance to development, engineering, and program teams on secure design, development, and secure coding techniques.
• System Hardening: Oversee the implementation of security configuration settings and hardening of systems (e.g., using DISA STIGs) to minimize vulnerabilities.

Requirements

Required Skills and Experience
• Education: Bachelor's degree in Computer Science, Information Technology, Information Assurance, Information Systems Security Engineering, or a related field (or equivalent experience).
• Experience: A minimum of 5-8 years of experience in information security engineering, system administration, and/or cybersecurity, with hands-on experience in implementing security controls and supporting authorization processes.
• Technical Skills:

o Expert knowledge of security engineering principles, secure architecture, and design concepts.

o Hands-on experience with security tools such as vulnerability scanners (Nessus/ACAS), SIEM platforms (Splunk, LogRhythm), and security configuration tools (DISA STIGs, SCAP).

o Strong understanding of network protocols, firewalls, intrusion detection/prevention systems, encryption techniques, and access controls.

o Familiarity with various operating systems (Windows, Linux, Unix) and secure configuration management.

o Experience with risk management frameworks, specifically the NIST RMF and/or DoD 8500 series guidance.
• Soft Skills: Strong analytical thinking, attention to detail, problem-solving capabilities, and excellent communication skills to collaborate effectively with technical and non-technical stakeholders.
• Clearance (if applicable): May require a U.S. Citizenship and an active security clearance (e.g., Secret, Top Secret, or SCI).

Preferred Certifications
• Certified Information Systems Security Professional (CISSP)
• CISSP-Information Systems Security Engineering Professional (ISSEP)
• Certified Cloud Security Professional (CCSP)
• Certified Ethical Hacker (CEH) or GIAC certifications (GSEC, GCIH)

Vendor-Specific Certifications: AWS Certified Security Specialty, Cisco Certified Network Associate (CCNA) Security, or similar cloud/network vendor certifications.

Benefits

At TLA, we build solutions that matter-supporting national security missions through technology innovation, collaboration, and excellence. Our team is passionate about leveraging modern technologies to deliver impactful, mission-focused outcomes for our customers.

We offer a competitive and comprehensive benefits package including:

• Competitive salary and performance bonuses
• Medical, dental, and vision coverage
• Paid time off and federal holidays
• 401(k) with company match
• Education and certification reimbursement
• Training and professional development opportunities
• Employee referral bonuses and team events