Find The RightJob.
Information Systems Security Engineer
Overview:
VTG is seeking a Senior Information Systems Security Engineer (ISSE) to support our national security customer in Huntsville, AL. The position is 100% onsite.
Responsibilities:
- Lead, mentor, and supervise a team of contractor security professionals responsible for the end-to-end implementation of the RMF lifecycle for FBI IT systems.
- Oversee and coordinate activities within the Prepare step, ensuring roles, responsibilities, and risk management strategies are clearly defined and maintained.
- Guide system categorization efforts to ensure all information systems are appropriately classified based on mission/business impact and regulatory requirements.
- Advise on the selection, tailoring, and documentation of security controls aligned with system categorizations, Bureau risk appetite, and compliance requirements.
- Oversee the implementation of technical, operational, and management controls throughout system and application lifecycles, with a particular focus on quality and completeness of all deliverables.
- Ensure comprehensive security control assessments are planned, executed, and documented to validate the effectiveness of implemented safeguards.
- Prepare risk management documentation for system authorization and executive decision-making.
- Direct ongoing monitoring and continuous assessment activities, collecting metrics to adjust security strategies and ensure sustained compliance.
- Serve as a principal technical advisor on cybersecurity, bringing subject-matter expertise to risk analysis, incident response, system remediation, and audit support efforts.
- Foster a culture of security awareness, providing technical guidance and training to both team members and stakeholders.
- Track, report, and communicate status, risks, and improvement opportunities related to security engineering activities to leadership and stakeholders.
- Maintain up-to-date knowledge of RMF, NIST guidance, and industry best practices in support of continuous process improvement.
- 8 years of experience in secure design, analysis, and test of information security systems and products.
- 8 years of experience applying methods, standards and approaches for ensuring the baseline security safeguards are appropriately implemented and documented.
- 8 years of experience creating and updating security test plans for detecting and mitigating risk to information systems.
- Active Top Secret Clearance w/ SCI eligibility
- Certified Information Systems Security Professional (CISSP) or Certified Ethical Hacker (CEH) certification required
-
Cloud certification:
- AWS Certified Security – Specialty
- (ISC)² Certified Cloud Security Professional (CCSP)
- AWS Certified Solutions Architect – Associate
© 2026 Qureos. All rights reserved.