Security Engineering

Information System Security Engineer (ISSE) – TS/SCI Full Scope Poly – Annapolis Junction, MD

Information System Security Engineer (ISSE) – TS/SCI Full Scope Poly

📍 Location: Annapolis Junction, MD
🏢 Work Arrangement: 100% Onsite
💼 Employment Type: Full-Time
🔒 Security Clearance Required: Active TS/SCI with Full Scope Polygraph (NSA Preferred)
🇺🇸 Citizenship: U.S. Citizen Required
🎓 Certification Required: DoD 8570/8140 IASAE Level II Compliant Certification
🚫 Visa Sponsorship: Not Available
🚚 Relocation Assistance: Available
💰 Compensation: $100,000 – $200,000 Base Salary

Overview

A leading government technology contractor is seeking Information System Security Engineers (ISSEs) to support mission-critical classified government programs.

This role focuses on integrating cybersecurity engineering principles throughout the entire system lifecycle, including system design, implementation, accreditation, continuous monitoring, and sustainment. The ISSE will play a critical role in Risk Management Framework (RMF) execution, Assessment & Authorization (A&A) activities, security control validation, and ongoing cybersecurity compliance.

The ideal candidate will possess a strong blend of cybersecurity engineering, RMF expertise, technical security assessment experience, and security architecture knowledge within highly secure classified environments.

Key Responsibilities

Risk Management Framework (RMF)

  • Support the full RMF lifecycle for classified information systems.

  • Develop and maintain RMF documentation and security artifacts.

  • Assist with Authority to Operate (ATO) activities and sustainment.

  • Support Assessment & Authorization (A&A) efforts.

  • Maintain body-of-evidence packages for accreditation activities.

Security Engineering

  • Implement and validate security controls.

  • Perform Security Control Traceability and technical validation.

  • Support system boundary definition and security architecture development.

  • Conduct technical security assessments and risk analysis.

  • Recommend security improvements and mitigation strategies.

Compliance & Continuous Monitoring

  • Participate in Continuous Monitoring (ConMon) activities.

  • Conduct compliance assessments and security reviews.

  • Analyze vulnerability scan results and remediation efforts.

  • Verify remediation effectiveness and identify false positives.

  • Ensure ongoing compliance with cybersecurity requirements.

Vulnerability Management & Hardening

  • Support vulnerability management programs.

  • Implement and validate STIG compliance.

  • Support patch validation and security compliance efforts.

  • Assist with system hardening initiatives.

  • Coordinate remediation activities with technical teams.

Stakeholder Collaboration

  • Work closely with:

    • ISSOs

    • ISSMs

    • Security Control Assessors (SCAs)

    • System Owners

    • System Administrators

  • Support accreditation, compliance, and cybersecurity engineering efforts across mission systems.

Required Qualifications

Security Requirements

✔ Active TS/SCI Clearance

✔ Active Full Scope Polygraph (NSA Preferred)

✔ U.S. Citizenship Required

Certification Requirement

✔ DoD 8570/8140 IASAE Level II Compliant Certification

Examples include:

  • CISSP

  • CASP+

  • CCSP

  • CSSLP

Cybersecurity & RMF Experience

Strong experience with:

  • Risk Management Framework (RMF)

  • Assessment & Authorization (A&A)

  • Authority to Operate (ATO)

  • Security Control Implementation

  • Security Control Validation

  • Continuous Monitoring (ConMon)

NIST Knowledge

Strong familiarity with:

  • NIST SP 800-37

  • NIST SP 800-53 Rev. 3 and/or Rev. 5

  • Security Control Frameworks

  • RMF Compliance Processes

RMF & Compliance Tools

Experience with one or more of:

  • LATTEART

  • XACTA

  • BISCOTTI

  • WATCHCAT

  • STE

Additional experience with:

  • Compliance scanning tools

  • Configuration assessment tools

  • Vulnerability management platforms

Core ISSE Skill Areas

Security Engineering

  • Security Control Implementation

  • Security Control Validation

  • Security Architecture Support

  • System Boundary Definition

Compliance & Accreditation

  • Assessment & Authorization (A&A)

  • RMF Artifact Development

  • Accreditation Package Support

  • Body of Evidence Management

Vulnerability Management

  • Vulnerability Analysis

  • Remediation Tracking

  • Patch Validation

  • STIG Compliance

  • Security Hardening

Risk Management

  • Technical Risk Analysis

  • Compliance Validation

  • Continuous Monitoring (ConMon)

  • Security Assessment Support

Preferred Qualifications

Government & Classified Environment Experience

  • Classified Government cybersecurity programs.

  • Large-scale enterprise systems.

  • Mission-critical environments.

Technical Infrastructure Exposure

Experience supporting:

  • Enterprise Linux environments

  • Network infrastructure

  • Cloud environments

Stakeholder Coordination

Experience collaborating with:

  • ISSOs

  • ISSMs

  • Security Control Assessors

  • System Owners

  • Engineering Teams

Must-Have Requirements

Clearance

✅ Active TS/SCI Clearance

✅ Active Full Scope Polygraph

Certification

✅ IASAE Level II Certification

Cybersecurity

✅ RMF Experience

✅ A&A Experience

✅ ATO Experience

✅ Security Control Validation

Compliance

✅ Continuous Monitoring

✅ Vulnerability Management

✅ STIG Implementation

Documentation

✅ RMF Artifacts

✅ Accreditation Packages

✅ Security Documentation

Screening Questions

  1. Do you currently hold an active TS/SCI clearance with a Full Scope Polygraph?

  2. Was your Full Scope Polygraph issued by NSA?

  3. When was your most recent Full Scope Polygraph completed?

  4. Which IASAE Level II certification do you currently hold (CISSP, CASP+, CCSP, CSSLP, etc.)?

  5. How many years of ISSE or cybersecurity engineering experience do you have?

  6. Have you supported the full RMF lifecycle, including A&A and ATO activities?

  7. Which RMF tools have you used (XACTA, LATTEART, BISCOTTI, WATCHCAT, STE)?

  8. Do you have experience implementing and validating security controls?

  9. Have you supported STIG implementation, vulnerability remediation, and compliance validation?

  10. Do you have experience supporting classified government systems?

Ideal Candidate Profile

The ideal candidate will:

  • Hold an active TS/SCI Full Scope Polygraph.

  • Possess an active IASAE Level II certification.

  • Have strong cybersecurity engineering experience within classified environments.

  • Be highly knowledgeable in RMF, A&A, and ATO processes.

  • Understand security architecture, control implementation, and compliance validation.

  • Have experience supporting vulnerability management and STIG compliance.

  • Demonstrate excellent analytical, troubleshooting, and documentation skills.

  • Balance mission objectives with cybersecurity requirements and risk management practices.

Candidate Snapshot

Requirement

Details

Clearance

Active TS/SCI + Full Scope Poly

Citizenship

U.S. Citizen

Experience Level

Mid-Level to Senior

Certification

IASAE Level II Required

Frameworks

RMF, NIST 800-37, NIST 800-53

Compliance

A&A, ATO, ConMon

Security

Control Implementation & Validation

Documentation

RMF Artifacts & Accreditation Packages

Tools

XACTA, LATTEART, BISCOTTI, WATCHCAT, STE

Location

Annapolis Junction, MD

Work Arrangement

100% Onsite

Travel

None

Compensation

$100K – $200K

Relocation

Available

Why This Opportunity?

Mission Impact

Support highly classified systems that directly contribute to critical national security missions.

Cybersecurity Engineering Focus

Move beyond compliance into hands-on security engineering, architecture support, security control validation, and accreditation activities.

Technical Growth

Gain exposure to advanced RMF processes, security engineering practices, vulnerability management, and enterprise cybersecurity operations.

Strong Benefits Package

  • 3 Weeks PTO

  • 11 Federal Holidays

  • Medical & Dental Coverage

  • Life Insurance

  • STD & LTD Coverage

  • 401(k) with Company Match

  • Long-Term Career Development

This opportunity is ideal for an Information System Security Engineer (ISSE), Cybersecurity Engineer, RMF Engineer, Security Compliance Engineer, Cybersecurity Architect, A&A Specialist, or Security Controls Engineer with an active TS/SCI Full Scope Polygraph and IASAE Level II certification seeking to support highly sensitive government programs.

 

SOC Analyst – Montvale, NJ | Hybrid Cybersecurity & Vulnerability Management

SOC Analyst

📍 Location: Montvale, New Jersey
🏢 Work Model: Hybrid – 3 days onsite / 2 days remote
🏠 Employees work remotely every Friday + receive 40 additional remote days annually
💼 Employment Type: Full-Time
📈 Seniority Level: Associate / Mid-Level
🎓 Education: Bachelor’s Degree preferred
🔐 Industry: Cybersecurity / Manufacturing / Enterprise IT

💰 Compensation & Benefits

  • Salary Range: $90,000 – $110,000

  • Full benefits package

  • Hybrid flexibility

  • Collaborative and supportive IT/security environment

🚀 Overview

A growing enterprise organization is seeking a SOC Analyst to strengthen its cybersecurity operations through security monitoring, alert investigation, and vulnerability management.

This role combines Security Operations Center (SOC) responsibilities with hands-on vulnerability analysis and remediation coordination across enterprise infrastructure and endpoint environments.

The ideal candidate is analytical, collaborative, proactive, and highly communicative with experience supporting enterprise security operations.

🔧 Key Responsibilities

Security Operations

  • Monitor, triage, and investigate alerts from:

    • SIEM platforms

    • Endpoint protection tools

    • Security monitoring systems

  • Distinguish legitimate threats from false positives

  • Document findings and communicate results clearly

  • Assist with alert tuning and optimization efforts

Vulnerability Management

  • Support enterprise vulnerability scanning and assessments

  • Analyze vulnerability findings and prioritize remediation activities

  • Research CVEs and provide:

    • Exploitability analysis

    • Business impact context

    • Remediation guidance

  • Track remediation progress and validate fixes

Collaboration & Communication

  • Partner closely with:

    • Infrastructure teams

    • IT leadership

    • Cybersecurity teams

  • Maintain strong communication and visibility around risks and remediation efforts

  • Proactively identify opportunities for improvement

Continuous Improvement

  • Assist with:

    • DLP and information protection controls

    • System hardening initiatives

    • Documentation and runbook development

  • Explore enhanced capabilities within existing security tooling

✅ Required Qualifications

  • Bachelor’s degree in:

    • Cybersecurity

    • Computer Science

    • Information Technology

    • Related discipline
      OR equivalent practical experience

  • 3–5 years of experience in:

    • Security operations

    • Vulnerability management

    • Endpoint protection analysis

  • Strong understanding of:

    • CVEs

    • Risk prioritization

    • Vulnerability remediation processes

  • Excellent communication and collaboration skills

⭐ Preferred Skills

  • Experience with:

    • SIEM platforms

    • Enterprise log analysis

    • Endpoint detection & response (EDR) tools

  • Familiarity with:

    • Active Directory

    • Group Policy

    • Security baselines

  • Scripting or reporting experience:

    • PowerShell

    • Python

    • Power BI

  • Security certifications are a plus but not required

🎯 Ideal Candidate

  • Hands-on SOC or cybersecurity analyst with enterprise experience

  • Strong communicator who proactively keeps stakeholders informed

  • Comfortable balancing:

    • Security investigations

    • Vulnerability analysis

    • Cross-functional collaboration

  • Curious, self-driven, and eager to improve security operations

📝 Screening Considerations

  • Do you have experience with:

    • SOC operations

    • Vulnerability management

    • Endpoint security tools?

  • Have you worked with SIEM or enterprise detection platforms?

  • Are you comfortable working in a hybrid environment in Montvale, NJ?

  • Do you have experience coordinating remediation efforts with infrastructure teams?

🌍 Work Environment

  • Hybrid work schedule:

    • 3 onsite days

    • 2 remote days

  • Additional remote flexibility throughout the year

  • Collaborative enterprise IT and cybersecurity team

  • Occasional travel between NY/NJ locations may be required

📈 Why Join

  • Broad exposure across enterprise cybersecurity operations

  • Opportunity to influence security tooling and processes

  • Supportive, highly collaborative IT culture

  • Strong focus on learning, ownership, and continuous improvement

 

Senior Azure / Entra ID Engineer – IAM & Cloud Security (Contract)

Senior Azure / Entra ID Engineer – Contract

📍 Location: San Francisco, CA or Cincinnati, OH (Local candidates only)
💼 Employment Type: Contract
💰 Pay Rate: $67/hour
🎓 Education: Bachelor’s Degree preferred
📈 Experience Level: Mid–Senior
🕒 Experience Required: 8–10+ years
🌎 Visa Sponsorship: Not available
🚚 Relocation Assistance: Not available

Role Overview

We are seeking a Senior Azure / Entra ID Engineer to support enterprise identity and access management initiatives within a secure cloud environment.

This role focuses on the hands-on implementation, configuration, and troubleshooting of Microsoft Entra ID (Azure AD) security controls, including Conditional Access, Identity Protection, MFA, and Privileged Identity Management (PIM).

The successful candidate will work closely with IAM architects and security teams to translate architecture designs into production-ready identity solutions, while also resolving complex identity and authentication issues across the environment.

Key Responsibilities

Identity & Access Management Engineering

  • Build, configure, and support Microsoft Entra ID (Azure AD) identity services

  • Implement identity security controls and authentication policies

  • Translate IAM architecture designs into secure production configurations

Identity Security Implementation

  • Configure and manage:

    • Conditional Access policies

    • Multi-Factor Authentication (MFA)

    • Identity Protection policies

    • Privileged Identity Management (PIM)

  • Support secure identity governance and least-privilege access models

Device & Security Integration

  • Integrate identity controls with device compliance and endpoint security solutions

  • Ensure authentication and access policies align with security standards

  • Maintain identity posture across cloud and enterprise environments

Troubleshooting & Support

  • Perform L3 troubleshooting for complex identity and authentication issues

  • Resolve advanced Azure / Entra ID configuration and security problems

  • Support operational stability and reliability of identity infrastructure

Collaboration

  • Work closely with IAM Architects and security teams

  • Support identity platform improvements and security enhancements

  • Provide documentation and knowledge transfer where required

Required Qualifications

  • 8–10+ years of experience in identity engineering, cloud infrastructure, or enterprise IAM

  • Strong experience with Microsoft Azure and Entra ID (Azure AD)

  • Hands-on experience configuring:

    • Conditional Access

    • MFA

    • Identity Protection

    • Privileged Identity Management (PIM)

  • Experience troubleshooting complex identity and authentication issues

  • Strong understanding of enterprise identity security practices

Technical Skills

  • Microsoft Azure Active Directory / Entra ID

  • Identity and access management frameworks

  • Conditional Access policy implementation

  • MFA and identity protection controls

  • Privileged access management (PIM)

  • Device compliance and endpoint integrations

Ideal Candidate

The ideal candidate is an experienced Azure Identity Engineer who:

  • Has strong hands-on Entra ID configuration experience

  • Understands enterprise identity security architecture

  • Can translate IAM designs into secure operational solutions

  • Is comfortable handling L3 troubleshooting and advanced identity issues

  • Works effectively with security, architecture, and infrastructure teams

 

Staff Product Security Engineer | Medical Devices | Limerick, Ireland | Onsite

🔐 Staff Product Security Engineer

📍 Location: Limerick City, Munster, Ireland (Onsite – minimum 4 days per week)
🏢 Industry: Medical Devices / Healthcare Technology
🧠 Level: Mid–Senior
💼 Employment Type: Full-Time
✈️ Travel: Occasional
🛂 Visa Sponsorship: Not available
💶 Salary Range: €85,000 – €95,000
🎁 Benefits: Full benefits package

🚀 The Opportunity

An innovative global medical technology organisation is seeking a Staff Product Security Engineer to play a critical role in shaping and strengthening product security across next-generation healthcare solutions.

This is a highly visible position offering the opportunity to:

  • Influence security strategy across product portfolios

  • Embed secure-by-design principles across the full product lifecycle

  • Lead security maturity improvements

  • Work cross-functionally with R&D, Quality, Regulatory, and IT

  • Protect products in an evolving threat landscape

If you're passionate about cybersecurity, product resilience, and impact-driven work in healthcare, this role offers both purpose and technical depth.

🎯 Key Responsibilities

  • Lead and develop a high-performing Product Security function

  • Define and guide product security strategy aligned with regulatory and enterprise cybersecurity objectives

  • Embed secure-by-design practices, threat modelling, and proactive vulnerability management

  • Partner with R&D, Quality, Regulatory, and IT teams to ensure security is integrated throughout the product lifecycle

  • Conduct product security risk assessments and support remediation strategies

  • Support product security documentation, including governance and compliance artefacts

  • Review technical designs and source code; provide clear, actionable recommendations

  • Support incident response and vulnerability management efforts

  • Implement best practices for:

    • Encryption & PKI

    • Authentication & access control

    • Audit logging

    • Secure hardening

    • Patch management

    • Vulnerability monitoring

  • Track and report security posture using meaningful metrics

  • Ensure adherence to development policies and quality management systems

🧠 Required Experience & Qualifications

  • Bachelor’s degree in Computer Science, Engineering, or related field (or equivalent experience)

  • 5+ years experience in:

    • Security architecture

    • Secure software development

    • Systems and architecture design

  • Experience working in regulated environments with strong QMS adherence

  • Proven experience leading or mentoring teams

  • Strong understanding of:

    • Encryption algorithms and PKI

    • Embedded device security

    • Networking and threat models

    • Dynamic and static code analysis tools

  • Excellent written and verbal communication skills

  • Strong collaboration and stakeholder management abilities

🧩 Technical Skills Snapshot

Domain

Experience

Product Security

Secure-by-design, threat modelling, vulnerability management

Cryptography

Encryption, PKI

AppSec

Static/Dynamic analysis, secure SDLC

Embedded Security

Yes

Networking

Security controls, common threats

Documentation

SAP, SharePoint, DocuSign or similar

Regulated Environments

Medical / highly regulated industries

Tools

Microsoft Office, security tooling

🏢 Work Style & Culture

  • Strong emphasis on onsite collaboration (minimum 4 days/week in office)

  • Cross-functional, high-impact environment

  • Focus on innovation, continuous improvement, and ownership

  • Opportunity to influence product direction at a strategic level

📌 Candidate Snapshot

Attribute

Details

Role

Staff Product Security Engineer

Location

Limerick, Ireland

Experience

10–15 years ideal

Leadership

Yes (influence & team leadership expected)

Domain

Medical device security

Environment

Regulated, high-compliance

Work Model

Onsite-first

🌍 Why This Role Matters

Your work will directly contribute to:

  • Protecting patient safety

  • Strengthening cybersecurity in healthcare systems

  • Ensuring regulatory compliance

  • Driving security maturity across critical medical technologies

This is a career-defining role for someone who wants both technical depth and meaningful impact.

 

Cyber Security Engineering & Support Manager | Vulnerability Management | Pittsburgh, PA | $120K–$140K + Bonus

Cyber Security Engineering & Support Manager

📍 Location: Pittsburgh, PA (Onsite – no remote options)
💼 Employment Type: Full-time
💵 Salary: $120,000 – $140,000 annually + bonus eligibility
🎯 Experience Level: Mid-Senior (7–10 years)

About the Role

This role leads a dedicated cybersecurity engineering and support team focused on protecting enterprise technologies and infrastructure across IT and manufacturing environments. You’ll oversee the deployment and lifecycle management of enterprise security tools, direct the vulnerability management program, and provide critical cybersecurity risk analytics to support strategic decision-making.

Reporting directly to the Chief Information Security Officer, you’ll be responsible for ensuring secure, scalable solutions across global operations while managing a skilled technical team.

Key Responsibilities

  • Lead and manage the Security Engineering & Support team, including staff development and budget oversight.

  • Deploy, support, and optimize enterprise security technologies across IT, end-user, and cybersecurity environments.

  • Own and execute the organization’s vulnerability management strategy, reducing attack surfaces and strengthening resilience.

  • Develop and deliver cybersecurity risk dashboards with actionable KPIs and KRIs.

  • Oversee operational security functions such as privileged access provisioning and IT compliance support.

  • Partner with business units and OT teams (e.g., PLCs, SCADA, HMIs) to align secure solutions with plant-level and enterprise objectives.

  • Collaborate across the business to integrate security with enterprise architecture, applications, and eCommerce platforms.

Required Qualifications

  • Bachelor’s degree in Computer Science, Information Systems, Engineering, or a related field.

  • 7+ years of experience in IT, infrastructure, or cybersecurity.

  • Proven experience leading vulnerability management programs.

  • Must be a U.S. citizen, lawful permanent resident, or otherwise eligible to access controlled technology under ITAR/EAR regulations.

Preferred Qualifications

  • 2+ years of management experience leading IT or cybersecurity professionals.

  • Experience managing departmental budgets.

  • Background in manufacturing or production environments.

  • Expertise in systems engineering, application security, and security operations.

  • Active security certifications such as CISSP, CISM, CISA, or Security+.

  • Master’s degree in cybersecurity, engineering, or related field.

Ideal Candidate Profile

  • Strong leadership skills with a proven ability to guide cross-functional teams.

  • Skilled in budget management and process optimization.

  • Excellent interpersonal and communication skills for engaging both technical and non-technical stakeholders.

  • Hands-on experience in manufacturing or production IT environments is highly desirable.

Compensation & Benefits

  • Base Salary: $120,000 – $140,000 per year

  • Bonus Eligible

  • Comprehensive benefits package (medical, dental, vision, retirement, life insurance, etc.)

  • Paid time off and holidays

  • Professional development opportunities

👉 This is a strategic cybersecurity leadership opportunity for a professional ready to drive enterprise-wide security programs while directly influencing resilience and risk management.