Information Systems Security Engineer-RMF

Job Description:

AT&T Global Public Sector is a trusted provider of secure, IP enabled, cloud-based, network solutions and professional services to the Federal Government. We are dedicated to recruiting, developing and empowering a diverse, high-performing workforce that is passionate about what they do, committed to our shared values and dedicated to our customers' mission.

RIS I is the delivery of regional IT services to the end user. We offer support of end user devices including desktop, workplace peripherals, and voice and video devices. We support local and campus area networks, including wireless and cable plant.

AT&T has an opening for an Information Systems Security Engineer: To support the team by performing or reviewing technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (AI) standards and regulations, and recommend mitigation strategies. This position requires office presence a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.

The job duties of the Information Systems Security Engineer are as follows:

• Serve as the technical security engineer for assigned systems and System Security Plans (SSPs), ensuring full lifecycle RMF compliance.
• Provide technical input for Authorization to Operate (ATO) packages, risk acceptance decisions, and continuous monitoring efforts.
• Implement and validate security controls from NIST SP and serve as technical security liaison with technology frameworks to complete.
• Ensure all controls are properly mapped, implemented, and tested within the Security Control Traceability Matrix (SCTM) and respond to Security Assessment Report (SAR).
• Collaborate with the vulnerability scanning team (e.g., Tenable operators) to ensure scan compliance, findings are addressed, retested, and reflected accurately in the system's risk posture.
• Support continuous monitoring activities, including vulnerability tracking, control reassessments, and serve as technical security liaison with technology frameworks.
• Coordinate with ISSOs and system administrators to document and remediate vulnerabilities, control deficiencies, and Plan of Action & Milestones (POA&M) items.
• Lead or support reauthorization efforts, ensuring all system technical artifacts are updated, validated, and submitted on schedule.
• Evaluate and document security-relevant changes, assessing configuration updates, patches, or system modifications for RMF impact.
• Interface with Security Architect to ensure designs, configurations, and security mitigations align with approved architectures and customer mandates.
• Work with Technology Framework teams to complete all system documentation.
• Test and evaluate configurations in a lab environment.
• Knowledge of servers, virtualization, routers, switches, and firewalls as well as VLANS, routing and network segmentation.
• Demonstrated experience authoring and maintaining System Security Plans (SSPs), SCTMs, and POA&Ms.
• Solid understanding of continuous monitoring, reauthorization, and configuration management processes.
• Hands-on familiarity with Tenable, Splunk, STIG Viewer, and customer security compliance management tools.
• Knowledge of Windows, Linux, and network security controls implementation.
• Provide security operations support as needed.
• Excellent communication and teamwork skills.  Willingness to train junior team members.
• Results oriented, high energy, self-motivated.
• Candidate may be required to respond to after-hours requests as required in a 24 x 7 environment.

Required Clearance: TS/SCI with polygraph. (#ts/sci) (#polygraph)

Required Qualifications: Fourteen (14) years' experience as an ISSE on programs and contracts of similar scope, type, and complexity within the Federal Government is required. Bachelor's degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline from an accredited college or university is required. Four (4) years of additional ISSE experience may be substituted for a bachelor's degree. Active DoD 8570 IAT Level II or III certification (e.g., Security+, CASP, CISSP, or equivalent).

Ready to join our team? Apply Today

Our Information Systems Security Engineer-RMF (ISSE II) (Government) earns between $98,100 - $180,300  yearly. Not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

Joining our team comes with amazing perks and benefits:

• Medical/Dental/Vision coverage
• 401(k) plan
• Tuition reimbursement program
• Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays) *Pro-rated when working less than 40 hrs/wk.
• Paid Parental Leave
• Paid Caregiver Leave
• Additional sick leave beyond what state and local law require may be available but is unprotected · Adoption Reimbursement
• Disability Benefits (short term and long term)
• Life and Accidental Death Insurance
• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
• Employee Assistance Programs (EAP)
• Extensive employee wellness programs
• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone

Weekly Hours:

Time Type:

Location:

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.