Information Security Engineer
Exostar
Position Overview: This position will serve as a member of the Exostar Information Security Office and will report to the Manager of Governance & Engineering. This role is responsible for designing and implementing technical security controls across application, cloud, identity, and PKI environments. The successful candidate will work directly with DevOps, application, and operations teams to engineer controls and satisfy security framework requirements. This role is ideal for a security engineer who can assess architecture, identify control gaps, implement remediation, and technically validate implementation effectiveness. This role is ideal for candidates that have a skillset focused on engineering credibility, architectural judgment, and the ability to operate confidently with technical teams, auditors, customers, and leadership. Responsibilities: Your day if you join us: Security Architecture & Control Implementation
Exostar - The Company:
Exostar's cloud-based platforms create exclusive communities within the Aerospace and Defense, Life Sciences, and other highly regulated industries where members securely collaborate, share information, and operate compliantly. Within these communities we build trust. By analyzing community data, we provide insights and intelligence, enabling organizations to make better, timelier decisions, to mitigate risk, and operate more efficiently.
• We believe in employee development: we promote internally and provide training and educational assistance
• We provide a fun, engaged workplace, with social and community-building events
• We offer comprehensive benefits and flexible time off plans Exostar is an Equal Opportunity Employment Employer. The company provides equal employment opportunities to all applicants without regard to race, color, religion, sex, national origin, age, marital status, disability status or genetic information. Exostar is committed to providing equal employment opportunities for all persons in all facets of employment including recruiting, hiring, compensation, promotion, training, benefits, transfers and working conditions. Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.
- Assess, design, and provide guidance on secure architecture for cloud environments, including IAM, PKI, access, network, and platform services.
- Engage directly with infrastructure, platform, and development teams to translate security requirements into implementable technical designs and controls.
- Review proposed system changes, architecture diagrams, network flows, identity integrations, and control implementations for security implications.
- Develop technical control implementation guidance, including diagrams, control narratives, configuration expectations, and test procedures.
- Provide hands-on engineering support for control effectiveness through configuration review, evidence inspection, technical testing, log review, and remediation verification.
- Perform threat modeling and security risk assessments and coordinate actionable mitigation strategies.
- Provide engineering support for controls aligned to frameworks such as PKI, identity certification, CMMC L2, FedRAMP Moderate, ISO/IEC 27001, IAM, SOC 2, etc.
- Produce technical control descriptions that reflect security architecture, implementation, and operational behavior to create defensible control narratives to auditors and customers.
- Produce SSPs, POA&Ms, control narratives, and audit responses where engineering interpretation is required.
- Support audits and customer assessments by explaining technical controls, gathering defensible evidence, and validating that evidence against control intent.
- Improve the repeatability and quality of evidence collection, control validation, and remediation tracking.
- 5+ years of hands-on experience evaluating secure architecture and implementing security controls in cloud environments.
- Experience evaluating system architecture, network diagrams, data flows, identity integrations, and technical design documentation.
- Experience performing threat modeling, technical risk assessments, security design reviews, and control gap assessments.
- Experience integrating security into the SDLC, including CI/CD pipelines, Agile delivery, and DevSecOps practices.
- Experience collaborating with engineering, infrastructure, DevOps, cloud, IAM, and operations teams to drive remediation to closure.
- Strong understanding of network security concepts, including segmentation, firewalls, proxies, DNS, TLS, VPN/IPSec, routing, ingress/egress control, and secure network design.
- Experience with identity and access technologies such as Active Directory, Entra ID/Azure AD, SAML, OIDC, MFA, privileged access, role-based access control, and identity federation.
- Demonstrated experience authoring technical control narratives, technical audit documentation, and supporting evidence.
- Experience supporting audits and assessments such as SOC 2, ISO 27001, etc.
- Strong written and verbal communication skills with the ability to explain technical concepts to auditors, leadership, and business stakeholders.
- Significant experience using Jira and Confluence.
- U.S. Citizens only- Due to customer requirements, U.S. Citizenship is required. Ability to gain and maintain Trusted Role is required.
- CMMC CCA or CCP certification.
- FedRAMP audit lead or hands-on control implementation experience
- CISSP and other similar technical certifications
- Experience implementing Governance, Risk, and Compliance (GRC) tools
- Experience with managing, securing, and auditing Public Key Infrastructure (PKI), including the certificate lifecycle management.
- End-point Protections (HIPS/HIDS)
- Demonstrated experience designing multi-tier, highly available, multi-threaded, scalable architectures.
- Experience with web application programming, Java, APIs, or application-adjacent security engineering.
- Secure development frameworks (e.g. OWASP SAMM, Microsoft Security Development Lifecycle, IBM Secure Engineering Framework, etc.)
- Business Continuity and Disaster Recovery planning
- Data Loss Prevention (DLP)
- Data Labeling and Information Rights Management
- Bachelor's degree from an accredited university in IT related discipline
Exostar - The Company:
Exostar's cloud-based platforms create exclusive communities within the Aerospace and Defense, Life Sciences, and other highly regulated industries where members securely collaborate, share information, and operate compliantly. Within these communities we build trust. By analyzing community data, we provide insights and intelligence, enabling organizations to make better, timelier decisions, to mitigate risk, and operate more efficiently.
• We believe in employee development: we promote internally and provide training and educational assistance
• We provide a fun, engaged workplace, with social and community-building events
• We offer comprehensive benefits and flexible time off plans Exostar is an Equal Opportunity Employment Employer. The company provides equal employment opportunities to all applicants without regard to race, color, religion, sex, national origin, age, marital status, disability status or genetic information. Exostar is committed to providing equal employment opportunities for all persons in all facets of employment including recruiting, hiring, compensation, promotion, training, benefits, transfers and working conditions. Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.
Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Information Security Engineer in Herndon, VA vacancy
$175k - $250k
...Senior Information Security Engineer, Offensive Security What Impact You'll Have Seeking experienced offensive security professionals to conduct security assessments, red team operations, and network exploitation activities in support of client security requirements. What...SuggestedWork experience placement- VTG Defense is seeking an Information Systems Security Engineer (ISSE) to design, implement, and maintain security controls across enterprise systems and networks. This role supports RMF and NIST 800-53 compliance while enabling mission-critical operations. The ISSE will...Suggested
- ...Job Description Job Description Description LT Consulting is seeking an Information Security (INFOSEC) Engineer responsible for maintaining the integrity and security of enterprise-wide cyber systems and networks. The candidate must have knowledge of Windows,...Suggested
- ...love using it. Joining the Appian Chief Information Office (CIO) will provide you with the... ...can thrive. The Appian Information Security department continuously evaluates the threat... ...a talented Information Security Engineering Intern to make an impact on our Information...SuggestedSummer workInternshipWork at officeLocal area
- ...motivated, career and customer-oriented Data Engineer to join our team in Herndon VA. The... ...ingestion, and ensure the integrity and security of data systems. You will play a... ...Knowledge of cyber operations Certified Information Systems Security Professional (CISSP certification...Suggested
$131.3k - $237.35k
...IT program. We are looking for a cyber security professional to conduct penetration testing... ...exploit risk and vulnerabilities of information systems. This candidate is expected to... ...Computer Science, Information Systems, Engineering, or other related scientific or technical...$136k - $224.25k
...encouraging environment where everyone feels motivated to perform at their highest level! We’re seeking a dedicated Information Security Systems Engineer to join our team in Herndon, VA. The candidate will have experience in end to end ownership of planning. This includes...Full timeContract workWork at office$176k - $282k
...Network Security Engineer Job Locations US-VA-Chantilly Requisition ID 2026-167418 Position Category Information Technology Clearance Top Secret/SCI w/Poly Responsibilities Deconfliction with mission partners. Scripting...Contract workShift work- ...Cloud Security Engineer Location: Sterling, Virginia (On-site) Employment Type: 6 month contract-to-Hire Apply here: Please send... ...development environment. The engineer will serve as an information security specialist, responsible for reviewing software and...Contract workVisa sponsorship
- ...Title: Senior Cloud Security Engineer Location: Remote Note: Temp to hire. Pay Range: $70/hr. to $75/hr. on w2. About the Opportunity... ...production systems, 30% • Partner across and beyond the Information Security organization to turn risk priorities and detection...Temporary workRemote workShift work
- ...GuidePoint Security provides trusted cybersecurity expertise, solutions and services that... .... We are growing our federal presales engineering team and looking for technically... ...accreditation processes necessary to ensure that Information Technology (IT) systems meet the...For contractorsRemote workFlexible hours
- ...to work remotely throughout the U.S. Secret Security clearance is preferred. Candidates must be US... ...responsible for the application security function and for information technology security (Cybersecurity/InfoSec) engineering, and design and serves as a technical expert...Remote work
$167.5k - $185.25k
...The Principal Network & Security Engineer is responsible for the management, lifecycle operations, and security of the organization's Cisco... ...management of critical Cisco platforms with broad information security responsibilities across hybrid cloud and on-premises...Casual workWork at officeImmediate startRemote work- ...Cyber Security Architect Altamira Technologies has a long and successful history providing... ...leadership. Must translate technical information into clear, readable documents and presentations... ...done. Join our team of experts as we engineer national security! #J-18808-Ljbffr...Worldwide
- ...Description Job Description Salary: Job Summary: The Security Engineer is responsible for identifying, analyzing, and mitigating security... ...Experience Bachelors degree in computer science, Information Security, or a related field (or equivalent experience)....Contract workWork at officeRemote work
- ...Position Overview We are seeking a Cyber Security Architect to support a high-impact... ...This individual will work closely with engineering, infrastructure, and mission teams to develop... ...in Cybersecurity, Computer Science, Information Technology, Engineering, or a related field...Full time
$133k - $238k
...Senior Data Engineer / Technical Lead Stanley Reid is a specialized recruiting firm connecting top contractors with exciting IC/DoD... ...high-volume data into actionable intelligence supporting national security efforts. Qualified Senior Data Engineer should have the...Contract workFor contractorsRemote work$120k - $175k
...Technology Cyber Security Architect Cooley is seeking a Cyber Security Architect to... ...major technology changes Partner with engineering, infrastructure, DevOps, and data teams... ...Preferred: Bachelor's Degree in Information Technology, Computer Information Systems...Full timeTemporary workWork at officeFlexible hoursWeekend work$100k - $145k
...collaborative team to develop, manage, and maintain the security posture of information systems with a focus on Assessment and Authorization (A&A... ...security control implementation with system administrators and engineers. Support entry and maintenance of data into information...Work at officeLocal area- ...consideration. Program Description: The program provides Systems Engineering and Technical Assistance (SETA) core and non-core support in the areas of Cyber Security and Management to improve the Information Assurance (IA) posture of a National customer. The contracts...
- ...Job Title: Cyber Security Engineer (Data Scanning) Location: Vienna, VA, United States Type: Contract Contractor Work Model: Hybrid... ..., disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic...Contract workFor contractorsLocal areaRemote work
$68.2k - $115.1k
...Position Specifics The Information Technology Services Division, located in the Enterprise Operations Office of The Applied Research... ...(ARL) at Penn State University is seeking a Cyber Security Systems Engineer for our high security Special Program environments. This role...Full timeContract workWork at officeRemote work$99k - $225k
Cloud Security Engineer The Opportunity: Everyone is trying to “harness the cloud,” but not everyone knows how to secure it. As a security... ...and implement requirements that ensure the safety of information systems and protect them against intentional or inadvertent...Full timeContract workPart timeWork at officeLocal areaRemote work- ...small business that provides Software, AI/ML, and Cloud Engineering Solutions for our Department of Defense, Intelligence Community... ...our customers and our country. We are looking for an Information Systems Security Engineer to support our client in defining security...Contract work
- ...Job Description Job Description Information System Security Engineer (ISSE) TS/SCI FSP Department: Government Customer- Herndon Location: Herndon, VA Information System Security Engineer Minimum Qualifications: Five or more (5+) years’ experience...
- ...Job Description Job Description Mantis Security is a leading specialty firm of high caliber talent... ...in Cyber Operations, Cyber Defense, Information Assurance, Software Development, DevSecOps, Security Engineering, and Cloud Engineering. We enable and protect...
- Overview Job Description Everforth ECS is seeking a Senior Security Test Engineer to work in the National Capital Region covering the... ...and employ synthetic or masked data to protect sensitive information during testing. Performs virtual-machine and container-security...Contract workInterim roleLocal area
- ...critical component of our nation’s safety and security. Make an impact by using your expertise... ...Greenlight, Rapid7 and assigned onsite Information System Security Managers to maintain... ...ability to work with developers and engineers to determine appropriate mitigations to...Work experience placement
- ...Job Description Job Description We are actively seeking an Information Systems Security Engineer (ISSE) with a minimum of 11 years' experience with a Bachelor's Degree. Other degrees will be considered with the year's experience adjusted to accommodate. REQUIRED...
- ...clients. Lumark has an exciting job opportunity for an IA/System Security Engineer to join our team in support of the U.S. Military onsite in... ..., guidance, and standard operational procedures concerning Information security. Participates in IA risk assessments during the C&...Contract workImmediate start
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Information Security Engineer. Be the first to apply!
Related searches
- data engineer analytics Herndon, VA
- senior cloud data engineer Herndon, VA
- aws data engineer Herndon, VA
- data engineer machine learning Herndon, VA
- data center engineer Herndon, VA
- big data devops engineer Herndon, VA
- data science developer Herndon, VA
- senior data center engineer Herndon, VA
- data developer Herndon, VA
- data engineer Herndon, VA


