Herndon, United States of America (Hybrid)

Exostar is hiring an Information Security Engineer

Senior-level position within the Information Security Office reporting to the Manager of Governance & Engineering. Requires advanced technical and architectural expertise in security engineering. Focuses on designing secure systems, implementing controls, supporting audits, and managing risk in both on-premise and cloud environments.

Responsibilities

  • Evaluate, design, and advise on secure architectures for on-premise and cloud platforms, covering identity, access, network, and platform services.
  • Collaborate directly with infrastructure, platform, and development teams to convert security requirements into actionable technical designs and controls.
  • Deliver hands-on engineering support for deploying, validating, and correcting technical security controls.
  • Conduct threat modeling and security risk assessments and coordinate effective mitigation strategies.
  • Provide engineering expertise for controls aligned with standards such as CMMC L2, FedRAMP Moderate, ISO/IEC 27001, IAM, SOC 2, and others.
  • Develop and maintain accurate technical descriptions of security controls based on current architecture and operations.
  • Lead and support internal and external audits and assessments, including direct engagement with auditors and customers.
  • Translate technical implementations into clear, accurate, and defensible evidence for audit purposes.
  • Create, review, and update information security policies, standards, procedures, and guidelines to reflect actual system configurations and operations.
  • Identify, evaluate, and communicate security risks to both technical and non-technical stakeholders.
  • Track remediation progress and drive resolution of security issues across multiple teams.
  • Assess emerging technologies, regulatory updates, and industry trends for potential impact on security posture.
  • Serve as a subject matter expert for Identity and Access Management (IAM) and Public Key Infrastructure (PKI) systems.
  • Support compliance and auditing activities for PKI, identity federation, and authentication services.
  • Collaborate on governance documentation related to identity, trusted roles, and access control programs.

Requirements

  • Minimum of 7 years of hands-on IT security engineering experience providing guidance to technical teams.
  • At least 5 years of experience conducting threat modeling and security risk assessments.
  • Minimum of 5 years of network engineering and administration experience.
  • Minimum of 5 years designing and implementing security controls in on-premise and cloud environments.
  • Strong familiarity with secure software development lifecycle practices in Agile and DevSecOps environments.
  • Proven experience writing System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and technical audit documentation.
  • Extensive experience with ISO/IEC 27001/27002, NIST SP 800-171, and NIST SP 800-53 frameworks.
  • Experience participating in and supporting audits and assessments such as SOC 2, ISO 27001, and Cyber Essentials.
  • Excellent written and verbal communication skills with the ability to convey technical details to auditors, leadership, and business stakeholders.
  • Extensive experience using Jira and Confluence for project and documentation management.
  • Ability to pass a background investigation to obtain and maintain Trusted Role access to internal systems.
  • Strong understanding of core network services including HTTP, SMTP, and DNS, along with associated server technologies.
  • Hands-on experience with encryption technologies such as IPSec and SSL/TLS.
  • Experience with network security controls including firewalls, proxies, NAC, and phishing prevention tools.
  • Familiarity with SIEM and logging architectures, as well as File Integrity Monitoring (FIM) technologies.
  • Proficiency with Windows Active Directory and domain services.

Nice to Have

  • CMMC CCA or CCP certification.
  • Experience as a FedRAMP auditor or implementer.
  • Hold CISSP or other relevant technical certifications.
  • Experience with Governance, Risk, and Compliance (GRC) tools.
  • Knowledge of cloud computing and architecture.
  • Experience with Windows Domains and Active Directory.
  • Experience with endpoint protection solutions such as HIPS/HIDS.
  • Familiarity with web application programming using Java and related technologies.
  • Demonstrated ability to design multi-tier, highly available, multi-threaded, and scalable architectures.
  • Knowledge of secure development frameworks such as OWASP SAMM, Microsoft SDL, or IBM Secure Engineering Framework.
  • Experience with Public Key Infrastructure (PKI).
  • Familiarity with identity federation technologies like SAML.
  • Understanding of Business Continuity and Disaster Recovery planning.
  • Experience with SharePoint.
  • Experience with Data Loss Prevention (DLP) systems.
  • Knowledge of data labeling and Information Rights Management.
  • Experience with S/MIME-based secure email.
  • Experience with Identity and Access Management (IAM) systems.

Tech Stack

HTTP, SMTP, DNS, IPSec, SSL/TLS, firewalls, proxies, NAC, phishing prevention, SIEM, FIM, Windows Active Directory, Jira, Confluence, SAML, PKI, IAM, DLP, S/MIME, SharePoint

Benefits

  • Employee development through internal promotions, training, and educational assistance
  • Engaging workplace with social and community-building events
  • Comprehensive benefits package
  • Flexible time off plans

Work Arrangement

Hybrid, Herndon, Virginia; in office 3x/week

Team

Reports to: Manager of Governance & Engineering

  • Belief in employee development
  • Promotion from within
  • Training and educational assistance
  • Fun and engaged workplace
  • Social and community-building events

Additional Information

  • Position is located in Herndon, Virginia
  • Hybrid work model requiring in-office presence 3 days per week
  • Must be able to pass a background investigation to attain and maintain Trusted Role access to company systems
  • Equal Opportunity Employer: The company provides equal employment opportunities without regard to race, color, religion, sex, national origin, age, marital status, disability status, or genetic information

Required Skills

HTTP, SMTP, DNS, IPSec, SSL/TLS, Firewalls, Proxies, NAC, SIEM, FIM, Threat Modeling, Security Risk Assessments, Network Engineering, Secure SDLC, DevSecOps

About company

Exostar

Exostar's cloud-based platforms create exclusive communities within the Aerospace and Defense, Life Sciences, and other highly regulated industries where members securely collaborate, share information, and operate compliantly. Within these communities we build trust. By analyzing community data, we provide insights and intelligence, enabling organizations to make better, timelier decisions, to mitigate risk, and operate more efficiently.

Job Details

  • Department: Information Technology
  • Category: security
  • Posted 3 months ago