Principal Information System Security Engineer

Clarity Innovations is a trusted national security partner, dedicated to safeguarding our nation's interests and delivering innovative solutions that empower the Intelligence Community (IC) and Department of Defense (DoD) to transform data into actionable intelligence, ensuring mission success in an evolving world.

Our mission-first software and data engineering platform modernizes data operations, utilizing advanced workflows, CI / CD, and secure DevSecOps practices. We focus on challenges in Information Warfare, Cyber Operations, Operational Security, and Data Structuring, enabling end-to-end solutions that drive operational impact.

We are committed to delivering cutting-edge tools and capabilities that address the most complex national security challenges, empowering our partners to stay ahead of emerging threats and ensuring the success of their critical missions. At Clarity, we are people-focused and set on being a destination employer for top talent, offering an environment where innovation thrives, careers grow, and individuals are valued. Join us as we continue to lead innovation and tackle the most pressing challenges in national security.

Position Description

The information systems security engineer is positioned in direct support of development teams building a new infrastructure as code environment, and is responsible for driving security innovation and implementation across the project. The role also entails the establishment and maintenance of ATO packages and their associated artifacts. Success in this position requires willingness to comfortably work in the forefront of new ideas and a desire to learn and apply automated and cutting edge practices (Classified Cloud, CI / CD, and more).

Key Responsibilities

• Manage and develop artifacts required to obtain a government continuous authorization to operate.
• Develop and integrate cybersecurity best practices for Kubernetes clusters and DevOps pipelines.
• Create and update artifacts (e.g., SSP, hardware / software lists, PPSM, SCTM).
• Maintain communication with project engineers on the implementation of security controls and policy enforcement turning Risk Management Framework security controls into technical requirements for delivery by software and platform engineers.
• Engage with the security control assessor from the authorizing official's office to support authorization assessments.
• Support the implementation of technologies into the CI / CD processes and systems to establish secure-by-default standards.
• Recommend security solution mitigations and enhancements supporting information assurance guidelines and customer requirements.
• Perform vulnerability / risk / security impact analysis of cloud CI / CD development systems, applications, networking, and orchestration during all phases of the system development life cycle.
• Provide input into an audit and accountability plan containing methods, procedures, and planned reviews for the continuing accreditation.
• Ensure that all information systems meet or exceed compliance requirements.
• Identify, report, and ensure the resolution of security violations.
• Monitor and review the regular updates / upgrades to equipment and procedures to maintain pace with information assurance requirements and business needs.

Qualifications

Cloud (prefer Azure or AWS)

Preferred Qualifications

Any of the following :

CCSP : Certified Cloud Security Professional

CISSP-ISSAP : Certified Information Systems Security Professional - Information Systems Security Architecture Professional

CSSLP : Certified Secure Software Lifecycle Professional

CKA : Certified Kubernetes Administrator

We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.