SecurityEngineer/ISSOSupport

## Accountabilities Serve as the primary ISSO and security subject matter expert supporting ATO processes and federal system authorization activities across the full SDLC. Design, implement, and maintain Zero Trust Architecture (ZTA) across AWS environments, ensuring security controls are embedded at every layer of the stack. Ensure compliance with federal standards including FISMA, NIST 800-53, NIST 800-63, OWASP ASVS Level 2, Privacy Act, and Federal Records Act requirements. Integrate security testing tools (SAST, DAST, OWASP ZAP, container scanning, dependency analysis) into CI/CD pipelines and enforce secure delivery practices. Manage AWS security services including IAM, Secrets Manager, CloudWatch, CloudTrail, AWS Config, and enforce secure configuration and logging standards. Support Privacy Impact Assessments (PIAs), System of Records Notices (SORNs), and documentation of data usage, retention, and protection policies. Collaborate with engineering, IV&V teams, and government stakeholders to resolve security findings and continuously improve system posture. Ensure auditability and compliance of production environments through monitoring, logging, and continuous security validation. Participate in Agile ceremonies, sprint planning, and DevSecOps delivery cycles using JIRA and GitHub. Requirements: Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field. 6+ years of experience in federal information security, including ISSO responsibilities or ATO leadership within a civilian federal agency. Strong expertise in FISMA, NIST 800-53, NIST 800-63, and federal ATO/SDLC processes. Hands-on experience implementing Zero Trust Architecture in AWS, including IAM hardening, segmentation, and cloud security controls. Proven experience with CI/CD security tooling such as SAST, DAST, OWASP ZAP, and container vulnerability scanning. Deep knowledge of AWS security services including IAM, CloudTrail, CloudWatch, AWS Config, and Secrets Manage