Information Security Engineer Jobs

Assurit

Location:
United States

Category:
IT - Administration

Contract Type:
Not provided

Salary:

Not provided

Save Job

Apply Position

Job Description:

Assurit is currently seeking an experienced Information Security Engineer to support one of our clients. We are seeking an Information Security Engineer with strong experience defining security requirements, developing policies, and performing vulnerability and risk assessments for sensitive or classified environments. This role is responsible for analyzing information flows, evaluating system sensitivity, and designing security controls and processes that protect critical assets across enterprise systems. The engineer will play a key role in shaping security programs, strengthening governance, and ensuring that systems and data remain protected in alignment with security best practices and regulatory expectations.

Job Responsibility:

Analyze system and information sensitivity to determine appropriate security requirements, protections, and controls
Define, develop, and maintain security policies, standards, and procedures governing information protection
Conduct vulnerability assessments and risk evaluations based on information sensitivity, system architecture, and information flows
Identify security gaps and recommend risk-based mitigation strategies and improvements
Support the design and implementation of security controls, ensuring alignment with organizational and regulatory requirements
Assess security architectures and recommend enhancements to improve confidentiality, integrity, and availability
Collaborate with cross-functional teams to ensure security requirements are integrated into system design, development, and operations
Produce clear documentation, reports, and artifacts supporting security analysis, decision-making, and audit readiness
Assist with continuous monitoring, metric development, and policy updates to support evolving mission needs

Requirements:

Bachelor’s degree in Information Security, Computer Science, Information Systems, or related discipline
or equivalent experience
5+ years of experience defining security programs or processes for the protection of sensitive or classified information
Strong understanding of security control frameworks and requirements (e.g., NIST SP 800-53, RMF, ISO 27001, FIPS)
Experience performing vulnerability assessments, risk analysis, and security architecture reviews
Ability to evaluate system design and information flow to identify security risks and define required protections
Strong experience developing or maintaining security policies, standards, and procedures
Excellent analytical, problem-solving, and decision-making skills
Strong communication skills with the ability to create clear documentation and explain complex concepts to technical and non-technical audiences

Nice to have:

Experience supporting federal, DoD, or other highly regulated environments
Familiarity with classified information handling requirements or insider threat programs
Knowledge of secure system design, access control models, and network security principles
Professional certifications such as: CISSP
Security+
CCSP
GIAC (GSEC, GCCC, etc.)
CAP

What we offer:

medical and dental coverage
paid time off

Additional Information:

Job Posted:
December 06, 2025

Work Type:

Hybrid work

View All Jobs In This Company

Job Link Share:

Information Security Engineer