Security Engineer, Information Systems

Job Title: SME Information Systems Security Engineer

Summary:

We are seeking a technically adept Senior Information Systems Security Engineer (ISSE) to support cybersecurity, risk management, and compliance across dynamic environments including cloud-based systems, virtual workspace solutions, infrastructure and data center systems, wide area and local area networks (classified and unclassified) and software development environments.

The ISSE will bridge compliance and technology—ensuring Coast Guard systems meet cybersecurity and accreditation requirements under DoD RMF and NIST SP 800-series guidance, while actively engaging with engineers and administrators to embed security into operations and design.

This role requires both policy fluency and technical literacy, particularly in areas like cloud architecture, virtualization, DevSecOps pipelines, workplace productivity solutions, networks and network security, and ICAM solutions.

Location:

· Primary duty location(s): Alexandria, VA

· Travel to customer sites across CONUS may be required

· Remote support as authorized by the customer

Qualifications: Required

• U.S. Citizenship and an active Secret clearance (or higher).
• 10+ years of experience supporting cybersecurity engineering, RMF, or information assurance functions.
• Demonstrated experience with one or more of the following technical areas:
• Virtualized or cloud-based systems (AWS GovCloud, Azure Government, or similar)
• Virtual desktop/workspace platforms (VDI, Citrix, VMware Horizon, Azure Virtual Desktop)
• Software Factory / DevSecOps environments (GitLab, Jenkins, Nexus, SonarQube, etc.) including API management tools and data streaming
• Identity, Credential, and Access Management (ICAM) solutions (PIV/CAC, IdM, MFA, SSO, RBAC)
• WAN/LAN networks, SIPR and unclassified domains, firewalls and other boundary/perimeter security systems
• Continuous monitoring and end point management systems (MECM, InTune, Trellix, ACAS, SolarWinds)
• Data center and physical computer/storage systems
• Physical end user systems such as laptops, workstations, printers and multi-functional devices, mobile devices
• Working knowledge of:
• NIST SP 800-37, 800-53, , and FIPS 199/200
• DoD RMF and cybersecurity directives
• FISMA, FedRAMP, and Zero Trust principles
• Ability to collaborate effectively with engineers, administrators, and leadership to translate technical configurations into compliance documentation.
• Strong written communication and briefing skills.
• CCISO; CISM; CISSP (or Associate); GSLC

Qualifications: Preferred

• Bachelor's degree in Cybersecurity, Computer Science, or related field (or equivalent experience).
• Experience supporting U.S. Coast Guard, DHS CISA, or DoD cybersecurity programs.
• Familiarity with eMASS, Xacta, or similar RMF management platforms.
• Hands-on familiarity with SIEM tools (e.g., Splunk, ArcSight), endpoint security, or vulnerability management systems.
• Experience applying Zero Trust Architecture (ZTA) or ICAM modernization principles.
• Additional cloud or DevSecOps-related certifications (e.g., AWS Certified Security – Specialty, Azure Security Engineer, or DoD Cloud Proficiency) are highly desirable.

Duties and Responsibilities:

• Support the Risk Management Framework (RMF) lifecycle, including categorization, control selection, assessment, and authorization.
• Develop and maintain key documentation such as System Security Plans (SSPs), Security Assessment Reports (SARs), and POA&Ms.
• Collaborate with infrastructure, DevSecOps, and cloud engineering teams to ensure security controls are implemented in virtualized and containerized environments.
• Evaluate and document compliance for FedRAMP DoD IL2/4/5/6, or other cloud baselines as applicable.
• Participate in technical design reviews to ensure alignment with RMF, Zero Trust, and ICAM principles.
• Support implementation and continuous monitoring of security controls within Microsoft Azure Government, AWS GovCloud, or DoD Cloud environments.
• Analyze and mitigate vulnerabilities identified through automated scans or assessments.
• Work with product managers to proactively plan security compliance and review ongoing security engineering tasks and projects
• Coordinate with ISSOs, system owners, and Authorizing Officials (AOs) to maintain Authority to Operate (ATO) status and ensure timely remediation of findings.
• Facilitate approvals for network interconnections such as the Boundary Cloud Access Point (BCAP) and DISA System/Network Approval Process (SNAP) through the provisioning of required documentation
• Support Product Teams in the preparation, response, and finding remediation for JFHQ-DoDIN Cyber Operational Readiness Assessments (CORAs)
• Manage ISSE team in accordance with product line expectations, successfully translating security needs of all portfolio products into appropriate FISMA boundaries and systems

Decision-Making Authority:

The SME Information Systems Security Engineer has day-to-day decision-making authority for all deliverables, engagements, communications, and other support efforts that they produce for the customer in support of the program and its various projects/initiatives.

About Humango:

Humango Solutions, LLC (Humango) is a Small Business Administration (SBA)-certified Historically Underutilized Business Zone (HUBZone) and Woman-Owned Small Business (WOSB) that delivers services and solutions that maximize our customers' positive impact on society. We are dedicated to supporting, maximizing, and evolving digital solutions and information technology that enables government services to be more effective, accessible, and available to the public.

Pay: $165, $175,000.00 per year

Benefits:

• 401(k) matching
• Dental insurance
• Employee assistance program
• Flexible spending account
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Professional development assistance
• Tuition reimbursement
• Vision insurance

License/Certification:

• CASP CE (Required)
• CGRC (Required)
• CISM (Preferred)
• CISSP (Required)
• CCISO (Required)
• GSLC (Required)

Security clearance:

• Secret (Required)

Ability to Commute:

• Washington, DC Required)

Work Location: In person