Information Security Engineer
Exostar LLC
Position Overview: This position will serve as a member of the Exostar Information Security Office and will report to the Manager of Governance & Engineering. This role is responsible for designing and implementing technical security controls across application, cloud, identity, and PKI environments. The successful candidate will work directly with DevOps, application, and operations teams to engineer controls and satisfy security framework requirements. This role is ideal for a security engineer who can assess architecture, identify control gaps, implement remediation, and technically validate implementation effectiveness. This role is ideal for candidates that have a skillset focused on engineering credibility, architectural judgment, and the ability to operate confidently with technical teams, auditors, customers, and leadership. Responsibilities: Your day if you join us: Security Architecture & Control Implementation
Exostar - The Company:
Exostar's cloud-based platforms create exclusive communities within the Aerospace and Defense, Life Sciences, and other highly regulated industries where members securely collaborate, share information, and operate compliantly. Within these communities we build trust. By analyzing community data, we provide insights and intelligence, enabling organizations to make better, timelier decisions, to mitigate risk, and operate more efficiently.
• We believe in employee development: we promote internally and provide training and educational assistance
• We provide a fun, engaged workplace, with social and community-building events
• We offer comprehensive benefits and flexible time off plans Exostar is an Equal Opportunity Employment Employer. The company provides equal employment opportunities to all applicants without regard to race, color, religion, sex, national origin, age, marital status, disability status or genetic information. Exostar is committed to providing equal employment opportunities for all persons in all facets of employment including recruiting, hiring, compensation, promotion, training, benefits, transfers and working conditions. Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.
- Assess, design, and provide guidance on secure architecture for cloud environments, including IAM, PKI, access, network, and platform services.
- Engage directly with infrastructure, platform, and development teams to translate security requirements into implementable technical designs and controls.
- Review proposed system changes, architecture diagrams, network flows, identity integrations, and control implementations for security implications.
- Develop technical control implementation guidance, including diagrams, control narratives, configuration expectations, and test procedures.
- Provide hands-on engineering support for control effectiveness through configuration review, evidence inspection, technical testing, log review, and remediation verification.
- Perform threat modeling and security risk assessments and coordinate actionable mitigation strategies.
- Provide engineering support for controls aligned to frameworks such as PKI, identity certification, CMMC L2, FedRAMP Moderate, ISO/IEC 27001, IAM, SOC 2, etc.
- Produce technical control descriptions that reflect security architecture, implementation, and operational behavior to create defensible control narratives to auditors and customers.
- Produce SSPs, POA&Ms, control narratives, and audit responses where engineering interpretation is required.
- Support audits and customer assessments by explaining technical controls, gathering defensible evidence, and validating that evidence against control intent.
- Improve the repeatability and quality of evidence collection, control validation, and remediation tracking.
- 5+ years of hands-on experience evaluating secure architecture and implementing security controls in cloud environments.
- Experience evaluating system architecture, network diagrams, data flows, identity integrations, and technical design documentation.
- Experience performing threat modeling, technical risk assessments, security design reviews, and control gap assessments.
- Experience integrating security into the SDLC, including CI/CD pipelines, Agile delivery, and DevSecOps practices.
- Experience collaborating with engineering, infrastructure, DevOps, cloud, IAM, and operations teams to drive remediation to closure.
- Strong understanding of network security concepts, including segmentation, firewalls, proxies, DNS, TLS, VPN/IPSec, routing, ingress/egress control, and secure network design.
- Experience with identity and access technologies such as Active Directory, Entra ID/Azure AD, SAML, OIDC, MFA, privileged access, role-based access control, and identity federation.
- Demonstrated experience authoring technical control narratives, technical audit documentation, and supporting evidence.
- Experience supporting audits and assessments such as SOC 2, ISO 27001, etc.
- Strong written and verbal communication skills with the ability to explain technical concepts to auditors, leadership, and business stakeholders.
- Significant experience using Jira and Confluence.
- Ability to pass background investigation to attain and maintain Trusted Role access to company systems.
- CMMC CCA or CCP certification.
- FedRAMP audit lead or hands-on control implementation experience
- CISSP and other similar technical certifications
- Experience implementing Governance, Risk, and Compliance (GRC) tools
- Experience with managing, securing, and auditing Public Key Infrastructure (PKI), including the certificate lifecycle management.
- End-point Protections (HIPS/HIDS)
- Demonstrated experience designing multi-tier, highly available, multi-threaded, scalable architectures.
- Experience with web application programming, Java, APIs, or application-adjacent security engineering.
- Secure development frameworks (e.g. OWASP SAMM, Microsoft Security Development Lifecycle, IBM Secure Engineering Framework, etc.)
- Business Continuity and Disaster Recovery planning
- Data Loss Prevention (DLP)
- Data Labeling and Information Rights Management
- Bachelor's degree from an accredited university in IT related discipline
Exostar - The Company:
Exostar's cloud-based platforms create exclusive communities within the Aerospace and Defense, Life Sciences, and other highly regulated industries where members securely collaborate, share information, and operate compliantly. Within these communities we build trust. By analyzing community data, we provide insights and intelligence, enabling organizations to make better, timelier decisions, to mitigate risk, and operate more efficiently.
• We believe in employee development: we promote internally and provide training and educational assistance
• We provide a fun, engaged workplace, with social and community-building events
• We offer comprehensive benefits and flexible time off plans Exostar is an Equal Opportunity Employment Employer. The company provides equal employment opportunities to all applicants without regard to race, color, religion, sex, national origin, age, marital status, disability status or genetic information. Exostar is committed to providing equal employment opportunities for all persons in all facets of employment including recruiting, hiring, compensation, promotion, training, benefits, transfers and working conditions. Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.
Vacancy posted 10 hours ago
Similar jobs that could be interesting for youBased on the Information Security Engineer in Herndon, VA vacancy
$175k - $260k
...Description What Impact You'll Have Seeking experienced offensive security professionals to conduct security assessments, red team... ...offensive security certifications Experience with reverse engineering and exploit development Background in offensive cyber operations...SuggestedContract workWork experience placementImmediate start- ...Job Description Job Description Description LT Consulting is seeking an Information Security (INFOSEC) Engineer responsible for maintaining the integrity and security of enterprise-wide cyber systems and networks. The candidate must have knowledge of Windows,...Suggested
- ...love using it. Joining the Appian Chief Information Office (CIO) will provide you with the... ...can thrive. The Appian Information Security department continuously evaluates the threat... ...a talented Information Security Engineering Intern to make an impact on our Information...SuggestedSummer workInternshipWork at officeLocal area
- ...motivated, career and customer-oriented Data Engineer to join our team in Herndon VA. The... ...ingestion, and ensure the integrity and security of data systems. You will play a... ...Knowledge of cyber operations Certified Information Systems Security Professional (CISSP certification...Suggested
$135k - $216k
...infrastructures, working alongside leaders in aviation, engineering, data science, and systems integration. At Peraton, you won... ...and integrity of U.S. air travel. Peraton is seeking a Information Systems Security Engineer (ISSE) to join our team of qualified, diverse individuals...SuggestedContract workFor subcontractorShift work- ...Overview VTG is seeking a highly skilled Information Systems Security Engineer (ISSE) to design, implement, and maintain security controls across enterprise systems and networks. This role ensures systems are compliant with security requirements while supporting mission...
- ...Information System Security Engineer LOCATION Reston, VA 20190 CLEARANCE TS/SCI Full Poly (Please note this position requires full U.S. Citizenship) KEY SUMMARY We are seeking a skilled and proactive Information System Security Engineer to join...Temporary workFor contractorsImmediate startFlexible hours
- ...F&A Technologies LLC (F&A) is seeking a skilled and motivated Information Systems Security Engineer (ISSE) to work hand-in-hand with our Development and Sustainment Teams in navigating Security policy/requirements that effectively deliver compliant and compelling technical...Work at officeFlexible hours
$111.8k - $221.8k
...Information Systems Security Engineer Herndon, VA At Accenture Federal Services, nothing matters more than helping the US federal government make the nation stronger and safer and life better for people. Our 13,000+ people are united in a shared purpose to pursue the...Contract workLocal area$150k - $170k
...synchronization with legacy systems. The Senior Data Engineer provides support to the Application... ...BS degree in CS, Computer Engineering, Information Technology, or a related field. ~... ...requires the eligibility to obtain a security clearance. The Defense Industrial Security...Work experience placementH1bWork at officeLocal area- ...IT program. We are looking for a cyber security professional to conduct penetration testing... ...exploit risk and vulnerabilities of information systems. This candidate is expected to... ...Computer Science, Information Systems, Engineering, or other related scientific or technical...
- ...will identify vulnerabilities and test the security of networks, applications, and systems... ..., Application Security Tester, Security Engineer, Offensive Security Engineer, Security... ...Focus) Cybersecurity, Computer Science, Information Technology, Information Security, Network...Temporary workFor contractorsImmediate startFlexible hours
- ...Job Overview The Senior Network Security Engineer will engineer, design, and sustain Comply-to-Connect (C2C) deployment support to migrate... ...at multiple levels to gather and coordinate vital technical information. Supporting Assessment and Authorization (A&A) activities...Work at officeRemote workFlexible hours
$87.1k - $157.45k
Leidos is seeking an experienced Information Systems Security Engineer (ISSE) to lead the security architecture, design, and deployment of mission-critical applications across unclassified, classified, and corporate networks. This role is highly dynamic, requiring a security...Full timeWork experience placement- ...Cyber Security Architect Altamira Technologies has a long and successful history providing innovative solutions throughout the U.S.... ...senior leadership. Demonstrated experience translating technical information into clear, readable documents and presentations to be used by...Worldwide
$167.5k - $185.25k
...The Principal Network & Security Engineer is responsible for the management, lifecycle operations, and security of the organization's Cisco... ...management of critical Cisco platforms with broad information security responsibilities across hybrid cloud and on-premises...Casual workWork at officeImmediate startRemote work- ...seeking an ISSO / Systems Administrator to enhance their Cyber Security team in Herndon, Virginia. The ideal candidate will have a... ...Framework. This role involves running security scans, managing information security programs, and providing technical guidance. Benefits...Flexible hours
- ...Overview Information Systems Security Engineer Chantilly, VA TS/SCI with Poly At Bcore, our strength comes from how we deliver impact to the mission. Whether it’s architecting critical IT solutions, producing actionable intelligence, or developing cutting edge technology...
- ...Description Job Description Salary: Job Summary: The Security Engineer is responsible for identifying, analyzing, and mitigating security... ...Experience Bachelors degree in computer science, Information Security, or a related field (or equivalent experience)....Contract workWork at officeRemote work
$63.3k - $129.7k
Job Title: Mid Security Information Assurance Engineer Job Category: Information Technology Time Type: Full time Minimum Clearance Required to Start: TS/SCI Employee Type: Regular Percentage of Travel Required: Up to 10% Type of Travel: Continental US Anticipated Posting...Full timeContract workWork experience placementFlexible hours$50k - $290k
...Reston, VA. Our capabilities include Software Development, Engineering & IT, Data Science, Cyber Enablement, Logistics, and... ...country and around the globe. We are looking for an Information Systems Security Engineer (ISSE) to join our high-performing team in either...Contract workWork experience placement- ...Location: Tysons, Virginia Type: Contract Job #3872 Title: Information Systems Security Engineer Location: Tysons, VA *Clearance: *Active TS/SCI w/ Polygraph needed to apply * Company Overview: Cornerstone Defense is the Employer...Contract work
- ...Senior Information Systems Security Engineer (ISSE) TS/SCI CI Poly The Senior Information Systems Security Engineer provides support to the customer in the area of Cyber Security. Daily tasks include, but are not limited to: Provides analytical and technical security...
$99k - $225k
...Job Number: R0240977 Information System Security Engineer The Opportunity: You will lead cybersecurity engineering efforts across the full system lifecycle for DoD collateral, SAP and SCI environments. This role ensures security requirements are integrated into...Full timeContract workPart timeWork at officeLocal areaRemote work$162.35k - $234.6k
Senior Product Security Engineer - Avionics Development Company: The Boeing Company Boeing is seeking an innovative and experienced Senior Product... ...Security community. Furthermore, your effort will directly inform our Enterprise Product Security Engineering team with lessons...Permanent employmentFull timeWork experience placementRelocationVisa sponsorshipWork visaFlexible hoursShift work$92.1k - $174.71k
...not guaranteed regardless of work location. For additional information on remote work at Penn State, see Notice to Out of State... ...Laboratory (ARL) at Penn State University is seeking a Cyber Security Systems Engineer for our high security Special Program environments. This...Full timeContract workFor contractorsWork experience placementWork at officeRemote work$68.6k - $132.2k
...regardless of work location. For additional information on remote work at Penn State, see... ...cybersecurity programs and determines security controls and policies based on best practices... ...solutions to challenging scientific, engineering, and technology problems in support of...Full timeFor contractorsWork experience placementRemote workFlexible hours- ...Job Title: Cyber Security Engineer (Data Scanning) Location: Vienna, VA, United States Type: Contract Contractor Work Model: Hybrid... ..., disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic...Contract workFor contractorsLocal areaRemote work
- ...consideration. Program Description: The program provides Systems Engineering and Technical Assistance (SETA) core and non-core support in the areas of Cyber Security and Management to improve the Information Assurance (IA) posture of a National customer. The contracts...
- ...a motivated, career and customer-oriented Principal Cyber Security Engineer to join our team in Chantilly, VA . The Principal Cyber... ...the Sponsor's environment or similar environments using RMF, information assurance tools, and DoD STIGs. ~ Experience working...Work at office
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Information Security Engineer. Be the first to apply!
Related searches
- senior data center engineer Herndon, VA
- data engineer machine learning Herndon, VA
- data science developer Herndon, VA
- data engineer Herndon, VA
- sr information security engineer Herndon, VA
- senior cloud data engineer Herndon, VA
- big data devops engineer Herndon, VA
- aws data engineer Herndon, VA
- data developer Herndon, VA
- data engineer analytics Herndon, VA


