Information Security Engineer Position Summary
Join our team as an Information Security Engineer and help shape the security posture of mission-critical systems across federal, state, and commercial clients. You'll serve as a trusted cybersecurity expert, translating high-level security policies into actionable technical safeguards across cloud and on-premise environments. Working closely with engineers, program leads, and compliance stakeholders, you'll assess risk, design secure architectures, and guide implementation of modern security controls.
What You'll Do
- Become a cybersecurity SME across multiple federal contracts: assess architectures, identify risks, and recommend mitigations aligned with NIST, FISMA, ISO 27001, and other frameworks.
- Translate security policies and compliance requirements into technical implementation plans and system-level controls.
- Lead or contribute to the development of security documentation for system authorization packages (e.g., SSPs, POA&Ms, risk assessments).
- Provide continuous monitoring support: define and track security metrics, assess control effectiveness, and support remediation efforts.
- Engineer and implement security solutions across cloud and on-premise environments, including firewalls, IDS/IPS, antivirus, and endpoint protection.
- Design secure network, system, and application architectures; support secure software development and DevSecOps practices.
- Collaborate with cross-functional teams to ensure security is embedded in IT operations, architecture decisions, and system lifecycles.
- Analyze and communicate security risks to both technical and non-technical audiences; brief stakeholders and facilitate working sessions.
- Contribute to team excellence: share security patterns, templates, and guidance; mentor peers and promote best practices.
What You'll Bring (Required Qualifications)
- CISM or CISSP certification.
- Bachelor's degree in information technology, cybersecurity, or a related field.
- 2+ years in an operational IT role with exposure to diverse architectures and progressive responsibility.
- Advanced understanding of information security principles, risk assessment techniques, and IT operations.
- Experience implementing and monitoring security controls in cloud and on-premise environments.
- Familiarity with security frameworks such as NIST 800-53, FISMA, ISO 27001, or PCI DSS.
- Strong technical writing skills: able to produce clear, executive-ready documentation and technical deliverables.
- Demonstrated ability to work independently and manage deliverables with minimal oversight.
- Excellent analytical and problem-solving skills; able to adapt quickly and integrate new information.
- Strong communication and collaboration skills; comfortable engaging with engineers and briefing executives.
- U.S. Citizenship and ability to obtain a Public Trust (NACI) clearance.
Preferred Qualifications
- Experience with cloud-native security tools and architectures (e.g., Azure, AWS, GCP).
- Familiarity with dynamic/static code analysis tools and secure development practices.
- Exposure to disaster recovery, digital forensics, and incident response methodologies.
- Experience with security policy development and governance frameworks.
- Knowledge of Microsoft Purview or similar metadata/lineage tools.
- Relevant certifications (e.g., Azure Security Engineer Associate, AWS Security Specialty).
How We Work
- Security-first: We embed security into every phase of the system lifecycle, from design to deployment.
- Agile-aligned: We collaborate closely with product owners and engineering teams, delivering secure solutions iteratively.
- Team-driven: We share knowledge, support each other, and continuously raise the bar through peer reviews and playbooks.
- Outcome-focused: We prioritize risk reduction, compliance readiness, and measurable improvements in security posture.