Information System Security Engineer (Hybrid) with Security Clearance

You will need to login before you can apply for a job.

While this role is approximately 50% remote, one must live within commuting distance to Fort Belvoir, VA for on–site support. Codescratch, is a leading software services company that specializes in developing innovative solutions, driving improvements, and optimizing operations for a diverse clientele in both the public and private sectors. We have a proven track record of success in tackling complex, large–scale challenges that demand out–of–the–box thinking and innovative approaches. Our primary focus is on delivering maximum value to our customers while mitigating risks and ensuring the highest levels of quality and efficiency. We provide unprecedented mission successes through software innovations by securing top–tier talent, fostering a culture of fun and mutual respect, and growing through the strength of our established reputation. Codescratch is currently seeking a self–motivated and talented professional who is looking for a challenging opportunity as an Information System Security Engineer (ISSE). This role will lead the Security engineering effort across a team of software engineers, and cyber security SMEs to design, implement, support, and maintain solutions. The successful candidate will create and manage thorough documentation of multi–enclave system deployment strategies, ensuring adherence to classification requirements. This position requires hands–on knowledge of distributed architectures and cloud–based systems. Why Codescratch? As a group of software engineers that have worked together for over a decade in the defense industry, we set out to create an organization that chose the best and left off the worst of our employment experiences. In 2018, we decided to form a company that would focus on people and the work while setting aside bureaucracy and egos. We are a small company that focuses on our employees first. We are committed to reducing operational expenditures and optimizing administrative procedures, prioritizing employee compensation over corporate infrastructure investment. This enables us to maximize financial benefits for those individuals who significantly contribute to customer satisfaction. Here are a few highlights of our benefits package: We are proud to offer a stellar 401(k) plan to every employee on day one. Codescratch contributes 15% of your earnings each pay period, on top of any contribution you choose to make – it's that simple. No vesting schedule, no lump sum, no gotchas! Our team members stick around because they love the company, not because of gimmicks.
Codescratch contributes 12% of your rate towards your employee premium for healthcare, vision and dental.
Flexibility – get paid for every hour that you work! Education/training allowances.
We invest in your professional development by covering the cost of certifications relevant to your job. We also reimburse some of the cost for books, audiobooks and online video courses. What You Will Do: Performs or reviews technical security assessments of computing environments to identify points of vulnerability, non– compliance with established Information Assurance (IA) standards and regulations and recommend mitigation strategies. Validates and verifies system security requirements definitions and analysis and establishes system security designs. Designs, develops, implements and /or integrates IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protections/classifications requirements. Builds IA into systems deployed to operational environments. Enforce the design and implementation of trusted relations among external systems and architectures. Assesses and mitigates system security threats/risks throughout the program lifecycle. Contributes to and supports the security planning, assessment, risk analysis, risk management, certification, and awareness this includes application of the Risk Management Framework (RMF)
Identify overall security requirements for the proper handling of Government data. Basic Qualifications: Five (5)+ years of experience as an ISSE on programs and contracts of similar scope, type, and complexity is required. Bachelor's degree in Computer Science, Information Assurance, or related discipline from an accredited college or university is required. One year of relevant experience may be substituted for each year of required education. Relevant certifications may be substituted for education or years of experience
Must have, or obtain Security+ certification or equivalent DoD 8570 IAT II certification within 30 days of start date
Strong communication skills that enable proactive and effective collaboration with a virtual team, including the ability to clearly articulate status and present to both customers and program leadership.
Expertise with the Risk Management Framework.
Ability to monitor and analyze cyber security posture within a cloud environment Preferred qualifications/skills: Knowledge of AWS services, application to deployment and management of infrastructure is a plus.
Experience with CI/CD pipelines in a containerized (Kubernetes) environment is a plus.
Experience enforcing project DevOps processes to ensure consistency of deployments is a plus. Clearance: U.S. citizenship required
Active TS/SCI with a Polygraph is required Location: Fort Belvoir, VA (50% hybrid telework) Salary Range: Pay range $130,000 – $200,000 The pay range for this job level is a general estimated guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Create a job alert and receive personalised job recommendations straight to your inbox.