SMX is seeking a highly experienced Information Systems Security Engineer (ISSE) – Sr to support a mission-critical federal program in Washington, DC. This individual will serve as a senior cybersecurity and security engineering professional responsible for designing, implementing, assessing, and maintaining security controls that protect enterprise systems, applications, and infrastructure supporting critical mission operations. The selected candidate will function as a senior technical expert supporting multiple cybersecurity initiatives, authorization efforts, and security engineering activities. This role requires extensive experience in Risk Management Framework (RMF) implementation, security architecture, vulnerability management, security testing, and system authorization activities. The ideal candidate will possess strong technical leadership capabilities and the ability to evaluate security risks, develop mitigation strategies, and guide engineering teams in implementing effective security solutions. This position is on site in Washington, DC and requires an active TS/SCI clearance.
Essential Duties & Responsibilities:
Lead security engineering activities supporting enterprise systems, applications, and infrastructure environments
Design, implement, and assess security controls in accordance with federal cybersecurity requirements and industry best practices
Develop, maintain, and review System Security Plans (SSPs), Business Impact Analyses (BIAs), Continuity of Operations Plans (COOPs), mitigation plans, and other security documentation
Establish and maintain system authorization boundaries, security architectures, hardware inventories, software inventories, and access control documentation
Create and maintain security assessment plans, test procedures, and security validation methodologies
Conduct security testing, vulnerability assessments, control validation activities, and risk analyses
Evaluate security findings and develop technical solutions to mitigate vulnerabilities and reduce organizational risk
Support Authorization to Operate (ATO) activities, continuous monitoring programs, and compliance initiatives
Analyze security alerts, vulnerabilities, system weaknesses, and emerging threats to determine operational impacts and remediation priorities
Coordinate with system owners, developers, engineers, ISSOs, and government stakeholders to ensure security requirements are incorporated throughout the system lifecycle
Support audit preparation, compliance assessments, and security reviews conducted by internal and external organizations
Evaluate security architecture designs and recommend improvements to strengthen enterprise security posture
Lead remediation efforts for identified vulnerabilities and security deficiencies
Provide technical guidance and mentorship to junior security engineers and cybersecurity personnel
Evaluate cybersecurity program performance and recommend improvements that enhance security effectiveness and operational efficiency
Support major technology initiatives and modernization efforts by integrating security requirements throughout planning, design, implementation, and sustainment phases
Required Skills & Experience
Active TS/SCI clearance required
Minimum of 8 years of professional experience supporting cybersecurity, security engineering, information assurance, or related disciplines
Demonstrated experience serving as a senior security engineer, lead cybersecurity practitioner, or technical security subject matter expert
Extensive experience implementing and assessing security controls in accordance with NIST and federal cybersecurity requirements
Experience supporting Risk Management Framework (RMF) activities and Authorization to Operate (ATO) processes
Experience developing and maintaining SSPs, POA&Ms, Security Assessment Plans, authorization boundary diagrams, and related security artifacts
Experience conducting vulnerability assessments, security testing, control validation, and risk assessment activities
Experience evaluating system architectures, security configurations, and technical implementations for compliance and security effectiveness
Strong understanding of NIST 800-53, NIST 800-37, continuous monitoring, and federal cybersecurity standards
Experience supporting enterprise security programs within complex technology environments
Experience analyzing security findings and developing risk-based mitigation strategies
Strong analytical, troubleshooting, and problem-solving skills
Ability to communicate complex security concepts to technical and non-technical audiences
Strong written and verbal communication skills
Ability to work independently while managing multiple priorities and technical initiatives
Desired Skills & Experience
Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Engineering, Information Systems, or related field
Advanced degree preferred
Experience supporting federal government, law enforcement, intelligence community, or national security programs
Experience supporting cloud security architectures and cloud-based authorization efforts
Experience supporting Governance, Risk, and Compliance (GRC) platforms and security automation initiatives
Familiarity with enterprise security tools including:
Splunk
Tenable Nessus
Security Center
Endpoint Detection and Response (EDR) Platforms
Vulnerability Management Platforms
Security Information and Event Management (SIEM) Tools
Experience supporting Zero Trust initiatives and cybersecurity modernization efforts
Experience supporting Agile, SAFe, and DevSecOps environments
One or more of the following certifications preferred:
CISSP
CAP (Certified Authorization Professional)
CASP+
CISM
CCSP
Security+
GSEC
Other relevant cybersecurity certifications
Experience supervising, mentoring, or leading cybersecurity teams preferred
Application Deadline: 9-4-2026
# LI-SA1
The SMX salary determination process takes into account a number of factors, including but not limited to, geographic location, Federal Government contract labor categories, relevant prior work experience, specific skills, education and certifications. At SMX, one of our Core Values is to Invest in Our People so we offer a competitive mix of compensation, learning & development opportunities, and benefits. Some key components of our robust benefits include health insurance, paid leave, and retirement.
The proposed salary for this position is:
$126,000 — $212,000 USD
At SMX®, we are a team of technical and domain experts dedicated to enabling your mission. From priority national security initiatives for the DoD to highly assured and compliant solutions for healthcare, we understand that digital transformation is key to your future success.
We share your vision for the future and strive to accelerate your impact on the world. We bring both cutting edge technology and an expansive view of what’s possible to every engagement. Our delivery model and unique approaches harness our deep technical and domain knowledge, providing forward-looking insights and practical solutions to power secure mission acceleration.
SMX is an Equal Opportunity employer including disabilities and veterans.
Selected applicant may be subject to a background investigation and/or education verification.
SMX does not sponsor a new applicant for employment authorization or immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, E-2, E-3, L-1 and O-1, or any EADs or other forms of work authorization that require immigration support from an employer).