Systems Engineer Security Clearance

Position: Systems Engineer with Security Clearance
Systems Engineer

Location:

Herndon, Virginia
Category:
Information Assurance
Schedule (FT/PT):
Full Time

Shift: Day
Clearance:
Top Secret/SCI CI poly or eligible for CI poly
Salary: 140k-170k w/excellent benefits Currently seeking a Systems Engineer – Security focus to support an Intel Community (IC) customer in the Herndon, Virginia area. The Systems Engineer will support the design, implementation, operation, and sustainment of enterprise systems within classified environments. This role requires privileged access and hands-on technical expertise in system administration, log
aggregation and analysis (Splunk), scripting, and automation, with direct support to audit readiness, RMF, ATO sustainment, and FISCAM artifact production. The engineer will work closely with ISSOs, Security Engineers, and Audit SMEs to ensure
systems are operationally sound, auditable, and compliant while enabling continuous monitoring and rapid response. Engineering responsibilities for conducting information system engineering activities for new or existing system(s) may include:
• Perform systems engineering and administration activities for Windows and Linux environments, including configuration, hardening, patching, and operational sustainment.

• Maintain and operate systems requiring privileged user access, ensuring least privilege enforcement and auditability.

• Support system lifecycle activities including design changes, re-engineering efforts, upgrades, and performance tuning.

• Troubleshoot complex system issues across infrastructure, applications, and security tooling.

• Develop, maintain, and optimize Splunk searches, dashboards, and alerts to support, Security monitoring, audit evidence collection, and operational troubleshooting

• Write and refine SPL (Search Processing Language) queries to extract, correlate, and validate log data across multiple data sources.

• Ensure log sources are properly onboarded, retained, and aligned with audit and compliance requirements.

• Develop and maintain scripts (e.g., Power Shell, Bash, Python, SQL) to automate data collection for audits, validate system configurations, and support continuous monitoring activities

• Assist with automating evidence generation for recurring FISCAM, RMF, and internal audits.

• Provide technical support to Audit SMEs and ISSOs by producing, validating, and explaining system-level artifacts required for FISCAM audits and RMF assessments.

• Support documentation and validation of technical controls related to logging and monitoring, configuration management, access control, system integrity

• Assist in responding to audit findings, including root cause analysis and technical remediation.

• Work closely with ISSOs, ISSEs, auditors, and operations teams to ensure systems are both secure and operationally effective.

• Translate technical system behavior into clear, defensible explanations for auditors and assessors.

• Participate in engineering reviews, change control boards, and security assessments as needed.

Required Qualifications:

• Bachelor's degree in a relevant technical (STEM) field with 8+ years of relevant experience;
Master's degree in a relevant technical (STEM) field with 6+ years of relevant experience; or 4+ additional years of experience in lieu of a degree.

• TS/SCI with polygraph clearance adjudication or ability to obtain SCI and pass a poly

• Hold active Security+, CISSP, CISA, or equivalent certifications (DoD 8570 IAM 2 equivalent)

• One (1) year of experience with IC Community

• Experience in systems engineering or system administration in enterprise environments.

• Hands-on experience with Splunk (searches, dashboards, or administration).

• Experience using scripting or query languages (Power Shell, Bash, Python, SQL).

• Familiarity with RMF, ATO processes, and audit support in federal environments.

• Ability to operate with privileged system access in classified environments.

• Proven experience with Linux/Red Hat, Windows Server and/or Networking Appliances in Virtualized/Cloud platforms

• Proven experience with DISA Security Technical Implementation Guide (STIG) implementation and Security Content Automation Protocol (SCAP) tool usage

• Hands on…