Principal Systems Security Engineer / Senior ISSM

snc · Sierra Nevada Corporation
📍 Lone Tree, CO · Full time · In office · 💰 USD 165K–227K

About this role

The ISR (Intelligence, Surveillance & Reconnaissance), Aviation, and Security (IAS) business area is a leader in ISR and aviation; it is a leading prime manned and unmanned aircraft systems integrator for innovative, high-performance ISR and aviation systems. Its end-to-end Command, Control, Computers, Communications and Intelligence, Surveillance & Reconnaissance (C4ISR) capabilities encompass design, integration, test, certification, ground/flight training and complete logistics support. IAS tailors solutions to customer cost, performance, and schedule requirements and designs to consistently exceed expectations – with an unrivaled record of on time and on (or under) budget deliveries.

SNC has led thoughtful and disruptive change in the aerospace and defense industry for the past 60 years, and now we’re applying this tenacity and expertise to the U.S. Air Force’s (USAF) Survivable Airborne Operations Center (SAOC) mission. Join the SNC-led SAOC team and be a part of exciting and meaningful work to modernize and deliver the next-generation SAOC aircraft trusted by the President, Secretary of Defense and Chairs of the Joint Chiefs of Staff to ensure continued critical command, control and communication during national emergencies. If you’re passionate about building the airborne command post of the future, consider SNC for your next mission. Learn more about NC3 and SAOC here.

If you are adept at IT, identifying, installing, and troubleshooting technical solutions, and enjoy collaborating with multiple teams, we may have the perfect role for you! As a Principal Systems Security Engineer, you will act as a key leader in developing and executing our security strategy. You will oversee the security architecture, manage high-stakes security incidents, and provide expert consultation across the organization.

Responsibilities:

  • The Principal Systems Security Engineer / Senior Information System Security Manager (ISSM) is a dual-mode technical SME and program security lead responsible for the end-to-end cybersecurity posture, compliance governance, and system accreditation of information systems within a complex, multi-classification defense program environment.
  • This role combines active hands-on-keyboard technical security execution — vulnerability scanning, SIEM operations, STIG hardening, and system monitoring — with senior leadership accountability for ISSO team development, ATO lifecycle management, DCSA/DoW/IC compliance framework implementation, and direct representation of program security posture to government stakeholders and Authorizing Officials.
  • The Principal Systems Security Engineer / Senior ISSM operates with authority across both the technical and governance dimensions of information security.
  • On the technical side, they execute and oversee vulnerability management, security monitoring, configuration hardening, and incident response with hands-on proficiency.
  • On the governance and leadership side, they own the program's RMF/ATO strategy, develop and enforce the security policies and procedures that govern the program environment, train and mentor ISSOs/ISSEs, coordinate with DCSA/DoW/IC and government stakeholders, and brief program security status at formal USG reviews.
  • Neither dimension is optional — this role demands both simultaneously.

Qualifications You Must Have:

  • Bachelor's degree in Systems Security, Network Engineering, Information Technology, or related Engineering discipline.
  • 12+ years of experience in IT security or a related field.
  • Relevant experience can be considered as a substitute for the required educational qualifications. In the absence of a degree, a minimum of 16 years of related experience is required.
  • A higher-level relevant degree may substitute for experience.
  • A minimum of 8 years in a formal ISSM role with direct ATO package ownership and government AO interface responsibility.
  • Deep expertise in cybersecurity principles and practices.
  • Experience with security frameworks and standards such as National Institute of Standards and Technology (NIST), ISO 27001.
  • Demonstrated hands-on-keyboard Nessus/Tenable execution experience — must be able to describe configuring scan policies, executing credentialed scans, interpreting results, and building Tenable dashboards from personal execution, not oversight.
  • Demonstrated hands-on ELK Stack (Elasticsearch, Logstash, Kibana) experience — log pipeline configuration, dashboard development, and security alert creation in a production or program security monitoring context.
  • Demonstrated hands-on Splunk SIEM experience — developing correlation searches, dashboards, and security use cases; triaging SIEM alerts; and managing Splunk forwarder deployments.
  • Active DISA STIG application experience — must have personally applied STIGs to live systems, not just reviewed or documented STIG compliance. Ability to describe specific STIG finding categories, compensating control documentation, and POA&M management.
  • Demonstrated experience presenting security posture to government stakeholders — has personally briefed at government security reviews, ARBs, or AO-level meetings. Not supported a presenter — led the brief.
  • Deep working knowledge of NIST 800-53 Rev 5 — can explain control families, tailoring rationale, control inheritance, and assessment procedures without reference material.
  • Demonstrated RMF/ATO lifecycle ownership — has personally developed SSPs, SARs, POA&Ms, and security assessment evidence packages and presented them to a government AO for authorization decision.
  • Working knowledge of DCSA DAAG requirements for classified IS accreditation — has operated within a DCSA-governed program environment and coordinated with DCSA field representatives.
  • Working knowledge of CMMC framework — understands Level 2/3 practice domains, assessment objectives, and CUI protection requirements.
  • Has authored or substantially contributed to PPSM documentation — understands port/protocol justification requirements, DoD PPSM registry process, and PPSM enforcement mechanisms.
  • Demonstrated hands-on proficiency in the following areas: Nessus / Tenable.sc, Tenable Dashboard Creation, ELK Stack (Elastic/Kibana), Splunk SIEM, DISA STIGs / SRGs, eMASS / XACTA, RHEL / Linux, vSphere/VMware, GitLab / GitHub, Bash Scripting, CPU / System Architecture, PKI / Certificate Mgmt, NIST 800-53 Rev 5, RMF / ATO Process, DCSA DAAPM, CMMC Level 2/3, TEMPEST Requirements, PPSM Creation.
  • Current/Active Top Secret U.S. Security Clearance is required.

Qualifications We Prefer:

  • CISSP (Certified Information Systems Security Professional) — active certification preferred. CISM, CASP+, or equivalent senior-level security certification. IAM Level III or IAT Level III baseline certification required per DoD 8570/8140.
  • GitLab Certified Associate or GitHub Advanced Security certification.
  • Red Hat Certified System Administrator (RHCSA) or equivalent Linux administration certification.
  • Experience with Tenable Security Center (SC) enterprise deployment — multi-scanner architecture, repository management, and organizational reporting hierarchy configuration.
  • Familiarity with cross-domain solutions (CDS) and data transfer guard administration in classified multi-domain environments.
  • Experience with Zero Trust architecture implementation — network segmentation, identity-based access enforcement, and micro-segmentation concepts applied in a DoD program context.
  • Proficient in IT project management practices with a solid understanding of PMI/PMP frameworks, including planning, monitoring, controlling, and risk management.
  • Working knowledge of JIRA to manage and track Earned Value tasks, including schedule performance, cost performance, and workflow status.
  • Experience managing multidisciplinary RMF teams and executing security assessments in accordance with DoDI 8510.01, NIST SP 800-53A, CNSSI 1253, and program-level authorization processes.

Essential Functions:

  • Ability to work primarily at a computer for extended periods.
  • Capability to participate in on-call rotation for incident response.
  • Must be able to lift up to 25 lbs occasionally.
  • Ability to work in an office or hybrid environment.
  • Occasional travel may be required.

This posting will be open for application for a minimum of 5 days and may be extended based on business needs.

Estimated Starting Salary Range: $165,010.21 - $226,889.04. Compensation varies depending on a wide array of factors, such as candidates' key skills, relevant work experience, and education/training/certifications. The disclosed range estimate may be adjusted for any applicable geographic differential associated with the location at which the position may be filled.

SNC offers annual incentive pay based upon performance that is commensurate with the level of the position.

SNC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with 150% match up to 6%, life insurance, 3 weeks paid time off, tuition reimbursement, and more.

IMPORTANT NOTICE:

This position requires current/active Top Secret with SCI eligibility U.S. Security Clearance. U.S. Citizenship status is required as this position needs an active U.S. Security Clearance for employment. Non-U.S. Citizens may not be eligible to obtain a security clearance. The Department of Defense Consolidated Adjudications Facility (DoD CAF), a federal government agency, handles the adjudicative aspects of the security clearance eligibility process for industry applicants. Adjudicative factors which affect the outcome of the eligibility determination include, but are not limited to, allegiance to the U.S., foreign influence, foreign preference, criminal conduct, security violations and illegal drug use.

Learn more about the background check process for Security Clearances.

SNC is a global leader in aerospace and national security committed to moving the American Dream forward. We’re known and respected for our mission and execution focus, agility, and disruptive and rapid innovation. We provide leading edge technologies and transformative solutions that support our nation’s most critical security needs. If you are mission-focused, thrive in collaborative environments, and want to make our country stronger with state-of-the-art technologies that safeguard freedom, join our team!

SNC is an Equal Opportunity Employer committed to an environment free of discrimination. Employment decisions are made based on merit without regard to race, color, age, religion, sex, national origin, disability, status as a protected veteran or other characteristics protected by law.

Frequently Asked Questions

What is the salary for the Principal Systems Security Engineer / Senior ISSM role at snc?
The listed salary for this Principal Systems Security Engineer / Senior ISSM position at snc is USD 165K–227K. This is a full-time role.
Where is the Principal Systems Security Engineer / Senior ISSM position at snc located?
This Principal Systems Security Engineer / Senior ISSM role at snc is based in Lone Tree, CO. The position is listed as on-site or hybrid. Check the full job description or apply directly to confirm the work arrangement.
Is the Principal Systems Security Engineer / Senior ISSM role at snc full-time or part-time?
This is listed as a Full time position. It is posted as a Principal Systems Security Engineer / Senior ISSM role in the Sierra Nevada Corporation department at snc.
Which team or department does the Principal Systems Security Engineer / Senior ISSM at snc belong to?
This Principal Systems Security Engineer / Senior ISSM position is part of the Sierra Nevada Corporation department at snc. See the full job description for more information about the team structure and responsibilities.
How do I apply for the Principal Systems Security Engineer / Senior ISSM position at snc?
Click the "Apply Now" button on this page. You will be redirected to snc's official application portal hosted on Workday, where you can submit your application directly.