Cybersecurity / Information Security Engineer
Evans & Chambers, Chantilly, VA, United States
Cybersecurity / Information Security Engineer
ID: 10000259
Department: Information Technology
Position Overview
Evans & Chambers Technology (EC) is seeking an experienced Information Systems Security Engineer (ISSE) to support a technical development program centered on cloud-based applications and associated infrastructure operating in a highly secure, classified network environment. The ISSE will integrate directly into a multidisciplinary team that includes software developers, systems engineers, DevOps engineers, database administrators, and systems architects.
Clearance
Active TS/SCI with Polygraph
Location
Chantilly, VA Onsite
Core Team Hours
9 AM – 3 PM daily; schedule flexibility outside those hours may be negotiated with management.
What a Typical Day Looks Like
Participate in daily Agile standup (scrum) meetings and provide status updates on assigned Jira issues
Attend ad-hoc Technical Exchange Meetings (TEMs) to assess security impacts of proposed architectural and system changes
Lead or assist with security scans; analyze and report on findings and their system impact
Review externally reported security findings (CVEs) and conduct impact analysis with recommended remediation paths
Evaluate upcoming system changes and new features for security implications during team design reviews
Primary Responsibilities
Identify, select, implement, and assess NIST SP 800-53 security and privacy controls
Develop and integrate secure configuration baselines per DISA STIGs and CIS benchmark guidelines
Contribute to the design of secure architectures and system designs
Ensure security requirements are embedded throughout the System/Software Development Life Cycle (SDLC)
Execute Continuous Monitoring (ConMon) activities in support of Assessment and Authorization (A&A) requirements
Create, review, and maintain A&A artifacts and supporting documentation
Perform security analysis and monitoring across a 100% AWS cloud-based environment
Conduct vulnerability scanning, analyze results, and develop remediation strategies and security implementations
Interface with Information System Security Managers (ISSMs) to support system accreditation efforts
Lead or participate in TEMs; document outcomes and brief management as needed
Required Qualifications
6–10 years of relevant ISSE or cybersecurity experience
Active TS/SCI with Polygraph
BS in a technical discipline or equivalent demonstrable experience
Hands‑on Linux experience, including proficiency with the command line
Scripting and programming experience in Bash, Python, or similar languages
Solid understanding of networking fundamentals — ports, routing, subnets, VPNs, firewalls, and troubleshooting
Experience working within Agile development teams and workflows
Strong working knowledge of NIST SP 800-37, NIST SP 800-53, NIST SP 800-160, DISA/CIS STIGs, and CVE management
Experience with RMF workflow tools and processes
Strong written and verbal communication skills; able to clearly articulate findings and recommendations, and receptive to alternative approaches raised by team members
Desired Qualifications
Relevant certifications such as CISSP, AWS Cloud Practitioner, AWS Security Specialty, or AI security credentials
Experience with Infrastructure as Code (IaC) tools such as Ansible, Terraform, or similar automation platforms
Prior experience working in a cloud-based environment, preferably AWS
Equal Employment Opportunity Statement
All employment opportunities are made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status or any other basis protected by law.
#J-18808-Ljbffr
ID: 10000259
Department: Information Technology
Position Overview
Evans & Chambers Technology (EC) is seeking an experienced Information Systems Security Engineer (ISSE) to support a technical development program centered on cloud-based applications and associated infrastructure operating in a highly secure, classified network environment. The ISSE will integrate directly into a multidisciplinary team that includes software developers, systems engineers, DevOps engineers, database administrators, and systems architects.
Clearance
Active TS/SCI with Polygraph
Location
Chantilly, VA Onsite
Core Team Hours
9 AM – 3 PM daily; schedule flexibility outside those hours may be negotiated with management.
What a Typical Day Looks Like
Participate in daily Agile standup (scrum) meetings and provide status updates on assigned Jira issues
Attend ad-hoc Technical Exchange Meetings (TEMs) to assess security impacts of proposed architectural and system changes
Lead or assist with security scans; analyze and report on findings and their system impact
Review externally reported security findings (CVEs) and conduct impact analysis with recommended remediation paths
Evaluate upcoming system changes and new features for security implications during team design reviews
Primary Responsibilities
Identify, select, implement, and assess NIST SP 800-53 security and privacy controls
Develop and integrate secure configuration baselines per DISA STIGs and CIS benchmark guidelines
Contribute to the design of secure architectures and system designs
Ensure security requirements are embedded throughout the System/Software Development Life Cycle (SDLC)
Execute Continuous Monitoring (ConMon) activities in support of Assessment and Authorization (A&A) requirements
Create, review, and maintain A&A artifacts and supporting documentation
Perform security analysis and monitoring across a 100% AWS cloud-based environment
Conduct vulnerability scanning, analyze results, and develop remediation strategies and security implementations
Interface with Information System Security Managers (ISSMs) to support system accreditation efforts
Lead or participate in TEMs; document outcomes and brief management as needed
Required Qualifications
6–10 years of relevant ISSE or cybersecurity experience
Active TS/SCI with Polygraph
BS in a technical discipline or equivalent demonstrable experience
Hands‑on Linux experience, including proficiency with the command line
Scripting and programming experience in Bash, Python, or similar languages
Solid understanding of networking fundamentals — ports, routing, subnets, VPNs, firewalls, and troubleshooting
Experience working within Agile development teams and workflows
Strong working knowledge of NIST SP 800-37, NIST SP 800-53, NIST SP 800-160, DISA/CIS STIGs, and CVE management
Experience with RMF workflow tools and processes
Strong written and verbal communication skills; able to clearly articulate findings and recommendations, and receptive to alternative approaches raised by team members
Desired Qualifications
Relevant certifications such as CISSP, AWS Cloud Practitioner, AWS Security Specialty, or AI security credentials
Experience with Infrastructure as Code (IaC) tools such as Ansible, Terraform, or similar automation platforms
Prior experience working in a cloud-based environment, preferably AWS
Equal Employment Opportunity Statement
All employment opportunities are made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status or any other basis protected by law.
#J-18808-Ljbffr