Security Engineer/ISSO Support

About Simple Technology Solutions

At Simple Technology Solutions, our people are our priority. We foster a culture of collaboration, continuous learning, and excellence, recognizing that our team members are multifaceted individuals. As a HUBZone company, we offer special incentives for team members living in qualified HUBZones. We are committed to equal employment opportunity and merit-based employment practices.

The Role

STS is seeking a Security Engineer / ISSO Support specialist to join a federal data engineering team. You will serve as the security and privacy authority on a federal data engineering program, protecting highly sensitive financial data and ensuring the platform meets the full spectrum of federal security requirements from design through production. Deep knowledge of the federal ATO process and hands-on Zero Trust implementation on AWS are prerequisites for this position.

Note: This position is contingent upon contract award.

Responsibilities

• Serve as the primary point of contact and subject matter expert for all security assessment and authorization activities; work with the government team in completing the ATO process and support the full federal Software Development Lifecycle (SDLC).
• Implement and continuously maintain Zero Trust Architecture (ZTA) across the platform per federal Zero Trust mandates, ensuring security controls are embedded at every layer.
• Ensure full compliance with FISMA, NIST 800-53, NIST 800-63, OWASP ASVS Level 2, federal software supply chain security requirements, and all agency-mandated security, privacy, performance, and quality requirements.
• Engage with agency privacy and security teams and the System Owner to assess information type, security classification, data retention, and determine requirements for System of Records Notices (SORNs) or Privacy Impact Assessments (PIAs).
• Identify and document data collection, usage, sharing, storage, security, retention, and breach notification procedures, ensuring compliance with the Privacy Act of 1974 and the Federal Records Act.
• Ensure all code submitted to production is free of medium- and high-level static and dynamic security vulnerabilities per OWASP ASVS Level 2; integrate security tools into the CI/CD pipeline.
• Ensure security scans are conducted at least once per sprint, review and document false positives, and make scan results visible.
• Manage AWS IAM role configurations and naming standards; maintain Secrets Manager credential management and certificate validity.
• Use CloudWatch logging, CloudTrail, and AWS Config to ensure the production environment remains consistent, controllable, and auditable.
• Ensure compliance with federal AI governance requirements, the Trusted Internet Connections (TIC) Initiative, Section 508, and the 21st Century Integrated Digital Experience Act.
• Collaborate with the IV&V team and agency security staff to continuously improve the platform’s security posture and resolve security findings.
• Participate in agile sprint ceremonies, PI planning, and agile delivery using JIRA and GitHub.

Education and Experience

Required:

• Bachelor's degree or higher in Cybersecurity, Information Systems, Computer Science, or a related field.
• 6+ years of experience in federal information security with demonstrated experience in an ISSO role or ATO-leadership capacity at a civilian federal agency; financial regulatory agency experience strongly preferred.
• Deep working knowledge of FISMA, NIST 800-53, NIST 800-63, and the full federal ATO/SDLC process.
• Hands-on experience implementing Zero Trust Architecture on AWS in a FedRAMP-authorized environment.
• Experience with OWASP ZAP, SAST/DAST tooling, dependency analysis, and container security scanning integrated into CI/CD pipelines.
• Familiarity with AWS security services: IAM, Secrets Manager, CloudWatch, CloudTrail, AWS Config, and S3 bucket policy and sensitivity classification management.
• Experience conducting or supporting Privacy Impact Assessments (PIAs) and System of Records Notices (SORNs).
• Knowledge of the Privacy Act of 1974, Federal Records Act, Section 508, the 21st Century IDEA Act, and applicable federal Zero Trust, AI governance, software supply chain, and TIC mandates.
• Experience managing security for systems handling non-public, highly sensitive financial or regulatory data.
• Strong written and verbal communication skills; ability to produce authoritative security documentation.
• Experience in agile federal environments with sprint-based delivery, JIRA, and GitHub.
• Must be able to work 8 am - 5 pm Eastern Time.
• Active federal public trust suitability determination or ability to obtain one is required.
• Must be a U.S. citizen.

Equal Employment Opportunity

STS is committed to equal employment opportunity and merit-based employment practices. We provide equal opportunities to all employees and applicants and prohibit discrimination and harassment.