Information Systems Security Engineer (ISSE)

Open Systems Technologies Corporation is a leader in the government contracting marketplace, providing Enterprise Security and Cloud Computing solutions to support large organizations. Our capabilities include supplying federal government entities and private businesses with software development, scientific and engineering technical assistance, systems integration, and enterprise security. Since its founding in 1996, OST has been committed to delivering high-quality, best-in-class results that bring added value to our clients while investing in our employees’ futures by providing exciting projects to work on, and robust benefits to include technical training and certifications, relocation assistance and a 401K match with immediate vesting.

The Opportunity:
Join our dynamic team as an Information System Security Engineer (ISSE) and make a direct impact on our customer’s mission. In this role, you will design, implement, and maintain cutting-edge cybersecurity solutions to ensure the availability and security of critical defense systems. You’ll be a vital part of the Risk Management Framework (RMF) lifecycle, contributing to accreditation packages, supporting system development, and ensuring compliance with Department of Defense (DoD) cybersecurity standards.

• Security Implementation: Design, implement, and manage security solutions for Kubernetes (OpenShift) and DoD cloud environments, including firewalls, intrusion detection/prevention systems, endpoint protection, and encryption mechanisms.

• Vulnerability Assessment: Conduct regular security assessments to identify vulnerabilities and weaknesses in systems, networks, and applications.

• Incident Response: Develop and implement incident response plans for Kubernetes (OpenShift) and DoD cloud environments. Monitor network traffic, system logs, and security alerts to detect and respond to potential security incidents.

• Risk Management: Manage the risk management cycle for Kubernetes (OpenShift) and DoD cloud environments, coordinating with project teams to track risks, accreditation status, and reporting.

• Documentation: Prepare and maintain comprehensive security documentation, including System Security Plans (SSP), Security Test Plans (STP), Plans of Action and Milestones (POA&M), and other required artifacts.

• Compliance: Ensure Kubernetes (OpenShift) and DoD cloud environments adhere to relevant security standards and regulations, such as NIST 800-53, DoD 8500 series, and other industry-specific frameworks.

• Collaboration: Work closely with cross-functional teams to integrate security into all phases of the development lifecycle. Provide expert-level security guidance and support to engineering teams.

• Testing and Evaluation: Perform Test and Evaluation (T&E); interview system SMEs; validate physical controls; review HW/SW lists; assess topology and TPPS. Additionally, document and provide on-site assessments.

• Continuous Improvement: Stay current with the latest security trends, threats, and technologies related to Kubernetes and container orchestration. Recommend and implement improvements to enhance the security posture of Kubernetes (OpenShift) and DoD cloud environments.

Qualifications:
Required:

• Active DOD Top Secret/SCI + CI Poly security clearance.

• Minimum 5 years of direct experience in Risk Management Framework (RMF), Joint SAP Implementation Guide, or ICD 503 processes.

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, Engineering, or a related field

• Familiarity with vulnerability scanning tools, STIG compliance, Security Content Automation Protocol (SCAP), and security event information management (SIEM).

• Knowledge in Infrastructure-as-Code and scripting technologies such as Ansible, Terraform, PowerShell, or Bash.

• 3 years administering Kubernetes (OpenShift) and/or DoD cloud environments

Desired:

• Prior DoD cybersecurity engineering experience.

• Familiarity with enclave and mission system architectures.

• Strong communication skills and ability to interface with program managers, developers, and system administrators.

• A vendor-neutral certification for experienced professionals focusing on cloud security architecture, data security, and operations (e.g., Certified Cloud Security Professional (CCSP), CompTIA Cloud+, or AWS Certified Security).

BENEFITS

OST is an Equal Opportunity Employer and has been operating since 1996 providing support on various contracts with Government agencies. We offer a comprehensive benefits package that includes 3 weeks paid time off, 11 Federal Holidays, medical/dental coverage, STD, LTD, Life Insurance, AD&D, 401k with up to 4% match, and end-of-year profit sharing.