Information Security Engineer

Nightwing provides technically advanced full-spectrum cyber, data operations, systems integration and intelligence mission support services to meet our customers’ most demanding challenges. Our capabilities include cyber space operations, cyber defense and resiliency, vulnerability research, ubiquitous technical surveillance, data intelligence, lifecycle mission enablement, and software modernization. Nightwing brings disruptive technologies, agility, and competitive offerings to customers in the intelligence community, defense, civil, and commercial markets.

Nightwing is supporting a U.S. Government customer to provide rapid deployment and management of secure cloud-based engagement kits for cyber incident response and threat hunting operations. As part of the Engagement Support Services (ESS) contract, this program enables analysts to quickly access the tools and environments they need to investigate cyber threats affecting federal agencies, state and local governments, and critical infrastructure. Working on this team means directly supporting the nation's cybersecurity defenders by ensuring they have reliable, scalable, and secure cloud infrastructure available within hours of a cyber incident—helping protect America's digital infrastructure when it matters most. 

The Information Security Engineer will ensure the security, compliance, and resilience of Bespin cloud engagement kits throughout their lifecycle. This position is responsible for implementing security controls, conducting continuous monitoring, managing vulnerabilities, and ensuring adherence to federal security requirements and best practices. 

Responsibilities: 

• Implement and maintain security controls for cloud engagement infrastructure 

• Enforce encryption standards (TLS 1.2/1.3) and hardened cloud configurations 

• Conduct continuous security monitoring and threat detection 

• Manage vulnerability assessment and remediation processes 

• Implement namespace obfuscation and data protection measures 

• Ensure compliance with federal security frameworks (NIST, FedRAMP, etc.) 

• Conduct security reviews of engagement kit configurations and deployments 

• Coordinate incident response activities related to security events 

• Develop and maintain security documentation and standard operating procedures 

• Perform security assessments of third-party cloud services and dependencies 

• Implement and manage identity and access management controls 

• Monitor for and respond to potential security incidents or anomalies 

• Support security aspects of engagement kit decommissioning and data sanitization 

• Provide security guidance and training to operations teams 

Required Skills: 

• U.S. Citizenship 

• Must have an active TS/SCI clearance 

• Must be able to obtain DHS Suitability 

• 5+ years of experience in information security, preferably in cloud environments 

• Strong knowledge of AWS security services and best practices 

• Experience with security monitoring and SIEM tools 

• Understanding of encryption, PKI, and data protection technologies 

• Knowledge of federal security compliance requirements (FISMA, FedRAMP, NIST 800-53) 

• Experience with AWS EC2/S3/VPC deployment and configuration, Cloudtrail, Cloudwatch, AWS Security Hub 

• Experience with Nmap, Nessus, Splunk Administration/Configuration 

• Linux/Unix System Administration (Alma9, RHEL, CentOS, Ubuntu from most to least) 

• Experience/knowledge with NIST, STIG, ATO, SOC, or system hardening experience 

• Experience with vulnerability management and penetration testing 

• Strong understanding of network security principles 

• Experience with security automation and scripting 

• Relevant security certifications (CISSP, Security+, CCSP, or similar) 

Desired Skills: 

• Experience supporting incident response or threat hunting operations 

• Knowledge of container and Kubernetes security 

• Experience with infrastructure-as-code security scanning 

• Familiarity with STIG implementation and compliance automation 

• Background in forensics or malware analysis 

• Experience with cloud security posture management tools 

• Knowledge of DevSecOps practices and tools 

Required Education: 

• Bachelor's degree in Cybersecurity, Computer Science, or related field, or High School diploma and 7+ years of directly relevant experience 

Desired Certifications: 

• AWS Certified Security – Specialty 

• DoD 8140 IAT Level 3 

Syndeo: ESS-3416 

At Nightwing, we value collaboration and teamwork. You’ll have the opportunity to work alongside talented individuals who are passionate about what they do. Together, we’ll leverage our collective expertise to drive innovation, solve complex problems, and deliver exceptional results for our clients.

Thank you for considering joining us as we embark on this new journey and shape the future of cybersecurity and intelligence together as part of the Nightwing team.

Nightwing is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.