Nightwing provides technically advanced full-spectrum cyber, data operations, systems integration and intelligence mission support services to meet our customers' most demanding challenges. Our capabilities include cyber space operations, cyber defense and resiliency, vulnerability research, ubiquitous technical surveillance, data intelligence, lifecycle mission enablement, and software modernization. Nightwing brings disruptive technologies, agility, and competitive offerings to customers in the intelligence community, defense, civil, and commercial markets.
Information Systems Security Engineer
The Information Systems Security Engineer (ISSE) is responsible for ensuring the cybersecurity architecture, design, development, and deployment comply with government and industry cybersecurity standards and security requirements. The ISSE works closely with system architects, developers and security teams to ensure security requirements are integrated throughout the all phase's system development life cycle (SDLC).
The ISSE shall perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Cybersecurity standards and regulations, and recommend mitigation strategies. As well as support security authorization activities in compliance to include DOD Risk Management Framework (RMF), the NIST Risk Management Framework (RMF) process.
Duties / Responsibilities include but are not limited to:
- Perform Risk Management Framework (RMF) activities and provide technical guidance and compliance oversight in alignment to achieve Authority to Operate (ATO)
- Assist with the generation of comprehensive system security documentation and artifacts, to include but not limited to a Plan of Action and Milestones (POA&M), for obtaining and maintaining Interim Authorization to Test (IATT), Authority to Connect (ATC) and Authorization to Operate (ATO).
- Develop and maintain Assessment and Authorization (A&A) artifacts and security documentation to include, but not limited to System Security Plans (SSP), Plan of Action and Milestone (POAM), Contingency Plan, Incident Response Plan, Configuration Management Plan for all customer enclaves and systems.
- Ensure system documentation reflects current system security configurations to include hardware and software components, data flow, interconnections, and ports, protocols, and services, etc.
- Perform continuous monitoring of security controls to ensure that they are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the cybersecurity requirements for assigned IT systems.
- Gather the information by working with various systems owners, project managers, customers and engineering team members in order to write various additional A&A related documents such as Contingency Plan (CP), General User Guide (GUG), Privileged User Guide (PUG), Standard Operating Procedures (SOP's), etc.
- Perform continuous monitoring of security controls to ensure that they are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the cybersecurity requirements for assigned IT systems.
- Support the develop and implement security solutions and architectures that align with DOD policies and RMF (Risk Management Framework)
- Analyze problems and provide focused solutions to effectively communicate information to various audiences verbally and through written communications.
- Participate as the primary security engineering representative on engineering teams for the design, development, implementation, evaluation, and/or integration of secure networking, computing, and enclave environments
- Serve as the technical security advisor for systems under development and operational systems.
- Participate in system design reviews to identify potential security issues and suggest mitigation strategies
- Evaluate and recommend tools and technologies for system security enhancement.
• Support the development and enforcement of security policies, standards, and procedures.
- Conduct system security engineering activities including design, testing, integration, and implementation
- Advise system owners on all matters, technical and otherwise, involving the security of assigned IT systems.
- Work with the System Owner and Director of IT Security to categorize systems, assess security controls, and document results.
- Analyze problems and provide focused solutions to effectively communicate information to various audiences verbally and through written communications.
- Apply knowledge of IA policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments
- Maintain thorough documentation of all activities and communications through ticketing systems, operational briefs, and status reports.
- Contribute to the DevSecOps cycle and change management process, ensuring security is integrated throughout the software development lifecycle
- Provides security recommendations for systems using Cloud services
- Perform risk assessments and recommend control improvements to address identified gaps
- Analyze, interpret, and apply Federal cybersecurity guidance to customer needs.
- Develop and maintain cybersecurity procedures and processes for the customer
Education and Certification Requirements:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field (Master's preferred).
- DoDD 8570.01-M IAT
- DoDM 8140.03 CYBERSPACE WORKFORCE QUALIFICATION
Experience Requirements:
- 4-7 years of experience in information systems security engineering or related field
- Experience with government cybersecurity frameworks such as NIST RMF, FISMA, or DOD STIGs
- Familiarity with security tools (e.g., ACAS, SCAP, HBSS, Splunk, SIEM platforms)
- Strong knowledge of DOD cybersecurity policy, especially DODI 8500.01, 8510.01, and RMF
- Familiarity with industry standards-based documentation, certification, and accreditation such as ISO 27001, NIST SP 800-53, NIST sp 800-71, CMMC, and Security Technical Implement Guides (STIGs) and Center for Internet Security (CIS) Benchmarks
- Hands-on experience with security engineering tools (e.g., ACAS, SCAP, STIGs)
Clearance Requirements:
- US Citizenship
- Must have at least a current active SECRET clearance
Additional desired (Not Required) certifications, skills, experience, and/or knowledge:
- Master's degree or advanced technical training
- Experience supporting classified environments and systems
Previously part of a leading Fortune 100 company and headquartered in Dulles, VA; Nightwing became independent in 2024 but continues to support the nation's most mission impactful initiatives.
When we formed Nightwing, we brought a deep set of credentials and an unfaltering commitment to the mission. For over four decades, our team has been providing some of the world's most technically advanced full-spectrum cyber, data operations, systems integration and intelligence support services to the U.S. government on its most important missions.
At Nightwing, we value collaboration and teamwork. You'll have the opportunity to work alongside talented individuals who are passionate about what they do. Together, we'll leverage our collective expertise to drive innovation, solve complex problems, and deliver exceptional results for our clients.
Thank you for considering joining us as we embark on this new journey and shape the future of cybersecurity and intelligence together as part of the Nightwing team.
At Nightwing, we value collaboration and teamwork. You'll have the opportunity to work alongside talented individuals who are passionate about what they do. Together, we'll leverage our collective expertise to drive innovation, solve complex problems, and deliver exceptional results for our clients. Thank you for considering joining us as we embark on this new journey and shape the future of cybersecurity and intelligence together as part of the Nightwing team. Nightwing is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.