Security Engineer/ISSO Support

About the role

STS is looking for a Security Engineer / ISSO Support specialist to join a federal data engineering team. You will serve as the security and privacy authority on a federal data engineering program, protecting highly sensitive financial data and ensuring the platform meets the full spectrum of federal security requirements from design through production. Deep knowledge of the federal ATO process and hands-on Zero Trust implementation on AWS are prerequisites for this position. This position is contingent upon contract award. The Security Engineer / ISSO Support at STS will: Serve as the primary point of contact and subject matter expert for all security assessment and authorization activities; work with the government team in completing the ATO process for integrating new capabilities and support the full federal Software Development Lifecycle (SDLC) Implement and continuously maintain Zero Trust Architecture (ZTA) across the platform per federal Zero Trust mandates; ensure security controls are embedded at every layer of the technology stack from storage classifications through IAM roles, network controls, and application security Ensure full compliance with FISMA, NIST 800-53, NIST 800-63, OWASP ASVS Level 2, federal software supply chain security requirements, and all agency-mandated security, privacy, performance, and quality requirements Engage with the agency's privacy and security teams and the System Owner at the start of every new service, feature, or dataset design to assess information type, security classification, data retention, and whether a System of Records Notice (SORN), Privacy Impact Assessment (PIA), or other formal review is required Identify and document what data is collected and why, how it is used and shared, how it is stored and secured, how long it is retained, and how users will be notified in the event of a security breach; ensure compliance with the Privacy Act of 1974 and the Federal Records Act Ensure all code submitted to production is free of medium- and high-level static and dynamic security vulnerabilities per OWASP ASVS Level 2; integrate OWASP ZAP, SAST tools, government-provided container analysis tools, and dependency analysis into the CICD pipeline as part of the Definition of Done Ensure security scans are conducted at least once per sprint; review, document, and explain all false positives; ensure scan results are visible in the team performance dashboard Manage AWS IAM role configurations and naming standards; maintain Secrets Manager credential management and certificate validity across all environments Use CloudWatch logging, CloudTrail, and AWS Config to ensure the production environment remains consistent, controllable, and auditable Ensure compliance with federal AI governance requirements for all AI/ML platform components; ensure compliance with the Trusted Internet Connections (TIC) Initiative, Section 508, and the 21st Century Integrated Digital Experience Act Collaborate with the IV&V team and agency security staff to continuously improve the platform's security posture; support resolution of all security findings within contractually required timelines Participate in 2-week sprint ceremonies, quarterly PI planning, and agile delivery using JIRA and GitHub Education and Experience: Required Bachelor's degree or higher in Cybersecurity, Information Systems, Computer Science, or a related field 6+ years of experience in federal information security with demonstrated experience in an ISSO role or ATO-leadership capacity at a civilian federal agency; financial regulatory agency experience strongly preferred Deep working knowledge of FISMA, NIST 800-53, NIST 800-63, and the full federal ATO/SDLC process Hands-on experience implementing Zero Trust Architecture on AWS in a FedRAMP-authorized environment including IAM hardening, network segmentation, and application-layer sec

Additional Information

At Simple Technology Solutions, our people are our priority. We know our team members are more than employees-they're parents, friends, volunteers, artists, and athletes. That's why we offer flexibility to help them thrive personally and professionally while delivering exceptional solutions to our Federal Government clients. Our culture is built on collaboration, continuous learning, and excellence. We are mentors and thought leaders who share knowledge and foster growth. Recognized as a "Best Place to Work," we believe a range of perspectives helps us drive innovation and exceed customer expectations. At STS, taking care of our people isn't a perk-it's the standard. As a HUBZone company, we also offer special incentives for team members living in qualified HUBZones. Check out the HUBZone map HERE to see if you qualify! Simple Technology Solutions is looking for a Security Engineer/ISSO Support to add to our team. Quick Position Overview: US Citizenship is required Bachelor's Degree is required minimum of 6 years' position related experience is required

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at simpletechnologysolutions? Share your experience