Job Description

Information System Security Engineer

We are seeking a hands-on Senior Information System Security Engineer for key cybersecurity systems supporting the Department of Veterans Affairs (VA). This role is ideal for someone with deep technical engineering skills, cloud and DevSecOps experience, and the ability to fulfill ISSE duties to obtain and maintain system’s authority to operate (ATO). This individual will also contribute to the team to assess, develop and implement technical solutions to remediate vulnerabilities and other complex cybersecurity challenges. Candidates will have a solutions-oriented mindset to help the VA problem solve complex cybersecurity and IT challenges. The candidates should also be well-versed with facilitating working sessions and have the ability to distill complex concepts into non-technical/common language.
The role will focus on analyzing and recommending system security architectures, vulnerability mitigation, policy-driven compliance implementation, and full-lifecycle support for the Department of Veteran’s Affairs systems.

Key Responsibilities:
• Perform tasks traditionally aligned to an Information System Security Officer (ISSO) for designated VA systems
• Provide engineering and technical analysis on behalf of Agency Authorizing Officials (AOs) for System Security Plans (SSPs), Risk Assessments, Security Controls Traceability Matrices (SCTMs), and POA&Ms
• Support system authorization and compliance activities including continuous monitoring and system audits
• Conduct regular and ad-hoc analysis of security control assessments, document findings, and manage remediation plans to develop and implement remediation strategies
• Assess complex technical findings and determine necessary resources needed to solve problem-sets across multiple cybersecurity and technical domains
• Able to partner with technical teams to develop and implement technical solutions
• Implement secure infrastructure as code/policy as code using tools such as Terraform/CloudFormation, including writing and implementing PaC scripts
• Align security architectures with Federal Zero Trust strategy, VA directives, and OMB policies
• Enable automation of system telemetry and analytics pipelines for cyber situational awareness

Minimum Qualifications:
• 5+ years acting as an ISSE or performing ISSE-related responsibilities for federal systems
• 5+ years of security engineering, DevSecOps, or cloud architecture experience
• Expertise in securing platforms hosted in AWS GovCloud and Azure Government
• Strong experience with NIST RMF, FISMA, FedRAMP, and Zero Trust architecture implementation
• Hands-on skills in IaC tools like Terraform and CI/CD tools such as GitLab/Jenkins, with ability to adopt new technologies if procured by the agency
• Experience with network isolation tools such as Palo Alto Next Generation Firewalls (NGFW) and Juniper Mist Network Access Control (NAC) solutions or comparable
• Demonstrated experience securing modern applications, APIs, and automated infrastructure
• Excellent written and oral communication skills; ability to explain complex, technical information in easily understood terms; ability to brief Senior VA leadership regularly
• Ability to obtain VA Public Trust clearance
• Bachelor’s degree in computer science, Engineering, or technical equivalent with 5 years of technical experience or a total of 13 years in lieu of education

Preferred Qualifications:
• Prior VA experience supporting VA OIS or major cybersecurity initiatives
• Experience authoring and maintaining ATO documentation in VA or HHS environments
• Experience with IoT/IoMT security solutions is a plus
• Knowledge of federal cybersecurity standards
• Design, build, and deploy secure cloud-native architectures and infrastructure components for VA information systems
• Develop and maintain CI/CD pipelines with integrated security scanning, policy enforcement, and remediation tools