Information Systems Security Engineer

Bethesda, MD
Full Time
Mid Level
Hoplite Solutions is seeking an Information Systems Security Engineer (ISSE) who will be responsible for designing, developing, and implementing secure information systems that support mission operations. The ISSE collaborates with multidisciplinary teams - including Information Systems Security Managers (ISSMs), software developers, systems engineers, and government stakeholders—to integrate effective security controls and ensure systems remain resilient against evolving threats and vulnerabilities. The ISSE also installs and maintains security scanning tools, performs vulnerability assessments, and reviews scan results to identify and remediate security risks. Additionally, the role ensures security tools and controls are properly integrated into the DevSecOps CI/CD pipeline, supporting continuous security testing and monitoring throughout the system lifecycle.

Primary Responsibilities:
  • Applying system security engineering principles in areas such as system security design, lifecycle engineering, authentication and authorization mechanisms, cryptography, intrusion detection, contingency planning, incident handling, auditing, configuration management, and change control.
  • Conducting or supporting technical cybersecurity assessments and security audits.
  • Coordinating with cybersecurity personnel and recommending mitigation strategies to reduce risk.
  • Identifying system vulnerabilities and instances of non-compliance with cybersecurity standards and regulatory requirements.
  • Collaborating with DevSecOps teams to review vulnerability scan results and support remediation of findings.
  • Performing vulnerability scans using approved customer tools and generating reports detailing findings and remediation progress.
  • Install, configure, and maintain security scanning and monitoring tools, ensuring they are properly integrated within system environments and DevSecOps pipelines.
  • Review vulnerability scan results, track remediation efforts, and coordinate with engineering teams to resolve identified security findings.
  • Support the Risk Management Framework (RMF) authorization process by reviewing security documentation and providing risk based recommendations to stakeholders regarding system risk posture as part of Authority to Operate (ATO) activities.
  • Manage and track Plans of Action and Milestones (for customer-sponsored systems, coordinating with key stakeholders including ISSOs, ISSEs, ISSMs, and Security Control Assessors (SCAs).

Basic Qualifications:
  • Experience conducting routine vulnerability scanning, providing formal and informal reports to technical teams, and tracking remediation activities.
  • Experience monitoring system and network security using Security Information and Event Management (SIEM) tools.
  • Experience reviewing security bulletins, threat intelligence, and vulnerability advisories to stay informed of current threats and emerging attack techniques.
  • Experience tracking Common Vulnerabilities and Exposures (CVEs) and mapping them to internal controls and remediation strategies.
  • Experience auditing systems to ensure compliance with secure configuration baselines and cybersecurity policies.
  • Investigate and respond to cyber security incidents (system and/or network breaches, malware attacks).
  • Experience using at least two vulnerability scanning tools, such as AWS Inspector, Tenable Security Center, Rapid7 Nexpose, SonarQube, or OWASP security tools.
  • System & network security monitoring with security information event management tools.
  • At least 1 Certification: CISSP, Splunk, Network+, Security+, OSCP, CEH, CASP+, ISSEP
  • Requires BS degree and 12 or more years of prior relevant experience. Will consider experience in lieu of a degree. Candidate without Bachelor’s Degree will be considered on a case-by-case basis and will be required to have an additional 4 years of related information security experience.
  • Candidate must have an active TS/SCI with polygraph
Preferred Qualifications:
  • Experience with Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) tools.
  • Experience using Splunk, including creating dashboards and security monitoring visualizations.
  • Familiarity with cloud computing platforms, such as AWS, Oracle Cloud, or Google Cloud Platform (GCP).

At Hoplite Solutions, we pride ourselves on offering competitive salaries and a comprehensive benefits package. This includes full coverage for health, dental, and vision insurance for both individuals and families, along with 100% coverage for life insurance, long-term and short-term disability. Additionally, we match up to 7% of employees' contributions to their 401(k) funds and follow the federal holiday calendar for paid holidays. With 4 weeks of paid time off and $5,000 yearly for education assistance or technical training, we're dedicated to supporting our employees' professional and personal growth.

Share

Apply for this position

Required*
We've received your resume. Click here to update it.
Attach resume or Paste resume
Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

Invitation for Job Applicants to Self-Identify as a U.S. Veteran
  • A “disabled veteran” is one of the following:
    • a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or
    • a person who was discharged or released from active duty because of a service-connected disability.
  • A “recently separated veteran” means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
  • An “active duty wartime or campaign badge veteran” means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
  • An “Armed forces service medal veteran” means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.
Veteran status


Voluntary Self-Identification of Disability
Voluntary Self-Identification of Disability Form CC-305
OMB Control Number 1250-0005
Expires 04/30/2026
Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Please check one of the boxes below:

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

You must enter your name and date
Human Check*