Information Systems Security Engineer III at Trace3

Who is Trace3? Trace3 is a leading Transformative IT Authority, providing unique technology solutions and consulting services to our clients. Equipped with elite engineering and dynamic innovation, we empower IT executives and their organizations to achieve competitive advantage through a process of Integrate, Automate, Innovate. Our culture at Trace3 embodies the spirit of a startup with the advantage of a scalable business. Employees can grow their career and have fun while doing it! Trace3 is headquartered in Irvine, California. We employ more than 1,200 people all over the United States. Our major field office locations include Denver, Indianapolis, Grand Rapids, Lexington, Los Angeles, Louisville, Texas, San Francisco. Ready to discover the possibilities that live in technology? Come Join Us! Street-Smart - Thriving in Dynamic Times We are flexible and resilient in a fast-changing environment. We continuously innovate and drive constructive change while keeping a focus on the “big picture.” We exercise sound business judgment in making high-quality decisions in a timely and cost-effective manner. We are highly creative and can dig deep within ourselves to find positive solutions to different problems. Juice - The “Stuff” it takes to be a Needle Mover We get things done and drive results. We lead without a title, empowering others through a can-do attitude. We look forward to the goal, mentally mapping out every checkpoint on the pathway to success, and visualizing what the final destination looks and feels like. Teamwork - Humble, Hungry and Smart We are humble individuals who understand how our job impacts the company's mission. We treat others with respect, admit mistakes, give credit where it’s due and demonstrate transparency. We “bring the weather” by exhibiting positive leadership and solution-focused thinking. We hug people in their trials, struggles, and failures – not just their success. We appreciate the individuality of the people around us. *This position will be hybrid remote, with 1-3 days on-site in Colorado Springs, CO required | Active (or active within 24months) Secret Security Clearance required, can hold TS JOB SUMMARY: The Information System Security Engineer III (ISSE III) serves as a key technical leader responsible for integrating cybersecurity across the full lifecycle of complex information systems. This role acts as the primary liaison between systems engineering teams and security compliance stakeholders, ensuring security requirements are effectively implemented without compromising mission or operational objectives. This position supports a Department of Defense (DoD) program focused on enhancing the cybersecurity posture of mission-critical systems operating within Amazon Web Services (AWS) classified environments. The role is heavily centered on executing the Risk Management Framework (RMF), driving system hardening efforts, conducting vulnerability assessments, and developing the documentation required to achieve and maintain Authority to Operate (ATO). SUMMARY OF ESSENTIAL JOB FUNCTIONS: Security Architecture & Engineering • Design, develop, and implement secure architectures across multi-level systems, cloud environments (AWS), and on-premise networks • Integrate security controls into system design aligned with NIST 800-53 and DoD requirements Risk Management Framework (RMF) Leadership • Lead RMF lifecycle activities, including system categorization, control selection, implementation, and continuous monitoring • Tailor security controls based on system risk, mission needs, and operational constraints Assessment & Authorization (A&A) • Develop and maintain Body of Evidence (BoE) documentation, including: • System Security Plans (SSP) • Security Assessment Reports (SAR) • Plan of Action & Milestones (POA&M) • Support assessment activities and coordinate with Authorizing Officials and assessors Vulnerability Management & System Hardening • Conduct vulnerability scans using tools such as Nessus, ACAS, and SCAP • Analyze findings, prioritize risks, and drive remediation efforts with engineering teams • Implement and validate system hardening in accordance with DoD and industry standards Stakeholder Engagement & Security Advisory • Serve as a trusted advisor to engineering teams and leadership on cybersecurity risks and mitigation strategies • Translate technical vulnerabilities into mission and business risk for senior stakeholders • Provide security guidance on system changes, architecture decisions, and engineering trade-offs REQUIRED QUALIFICATIONS: • Minimum of 5 years of experience in cybersecurity, systems engineering, or information assurance • Experience implementing the DoD Risk Management Framework (RMF) in regulated or classified environments • Active certification meeting DoD 8570 / 8140 requirements (e.g., CISSP, CASP+, or equivalent) • Strong understanding of: • Network architecture and protocols • Encryption and key management • Secure system configuration (Windows and Linux) • Experience with vulnerability assessment tools (e.g., Nessus, ACAS, SCAP) • Ability to communicate complex technical risks to non-technical stakeholders PREFERRED QUALIFICATIONS: • CISSP-ISSEP or advanced cybersecurity certification • Experience working in AWS classified or GovCloud environments • Familiarity with DevSecOps pipelines and CI/CD security integration • Experience with container security (Docker, Kubernetes) • Knowledge of Zero Trust Architecture (ZTA) • Experience with compliance-as-code and automation tools PHYSICAL DEMANDS: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform these functions. While performing the duties of this job, the employee is regularly required to: • Remain in a stationary position for extended periods of time. • Operate a computer, keyboard, and other office equipment using hands and fingers. • Communicate effectively in person, over the phone, and through electronic means. • Occasionally move about the office to access files, office equipment, and meeting spaces. • Lift and/or move up to 15 pounds as needed. • Maintain specific vision abilities, including close vision and the ability to adjust focus. WORK ENVIRONMENT: This position is performed within a secure, classified workspace. Employees must comply with all applicable security protocols and access control procedures, including restrictions on personal electronic devices and the handling of sensitive information. Actual salary will be based on a variety of factors, including location, experience, skill set, performance, licensure and certification, and business needs. The range for this position in other geographic locations may differ. Certain positions may also be eligible for variable incentive compensation, such as bonuses or commissions, that is not included in the base salary.Estimated Pay Range$14,000—$155,000 USD The Perks • Comprehensive medical, dental and vision plans for you and your dependents • 401(k) Retirement Plan with Employer Match, 529 College Savings Plan, Health Savings Account, Life Insurance, and Long-Term Disability • Competitive Compensation • Training and development programs • Major offices stocked with snacks and beverages • Collaborative and cool culture • Work-life balance and generous paid time off Our Commitment At the core of Trace3's DNA is our people. We are a diverse group of talented individuals who understand the importance of teamwork and demonstrating leadership, character, and passion in all that we do. We’re committed to fostering an inclusive workplace where everyone feels respected, valued, and empowered to grow. We recognize that embracing diversity drives innovation, improves outcomes, fosters collaboration, boosts teammate satisfaction, and builds a more inclusive culture. As an equal opportunity employer, Trace3 bases all employment decisions based on individual qualifications, merit, and business requirements. We do not engage in discrimination on the basis of race, color, religion, sex (including gender identity, sexual orientation, and pregnancy), national origin, age (40 or older), disability, genetic information, or any other characteristic protected by federal, state, or local law. Any demographic information provided is strictly voluntary, kept confidential in accordance with Equal Employment Opportunity (EEO) regulations, and will not be used in employment decisions, including hiring, promotions, or mentorship programs. We are committed to providing equal employment opportunities for all. If you require a reasonable accommodation to complete the application process or participate in an interview, please email [Upgrade to PRO to see contact]. ***To all recruitment agencies: Trace3 does not accept unsolicited agency resumes/CVs. Please do not forward resumes/CVs to our careers email addresses, Trace3 employees or any other company location. Trace3 is not responsible for any fees related to unsolicited resumes/CVs.