Information Assurance Security Engineer

About INflow Federal - founded in 2013, INflow Federal is a mission-driven small business delivering cutting-edge solutions to the Department of War (DoW) and Joint Force operations across 20+ states. Our strength comes from our people - especially the Veterans who make up over 50% of our workforce. Through our Veteran Outreach Program and employee-first culture, we invest deeply in professional growth, well-being, and innovation. Known for our agility, transparency, and integrity, INflow combines real-world experience with emerging technologies like AI/ML to help our customers lead in a rapidly evolving defense landscape. We empower both our employees and mission partners to stay ahead - driving smarter, faster, and more secure outcomes.

As an Information Assurance Security Engineer at INflow Federal, you will play a critical role in protecting mission-essential systems supporting the Intelligence Community. You will serve as a trusted technical advisor responsible for integrating security into every phase of the system lifecycle—from architecture and engineering through operations, accreditation, and continuous monitoring.

This position combines cybersecurity engineering, Risk Management Framework (RMF), cloud security, network defense, and enterprise infrastructure into a highly collaborative role supporting some of the nation’s most sensitive environments. Working alongside systems engineers, network engineers, developers, and cybersecurity professionals, you will ensure enterprise systems remain secure, compliant, resilient, and mission-ready.

At INflow Federal, your expertise directly supports national security while providing opportunities to work with emerging technologies, enterprise cloud solutions, and advanced cyber defense capabilities.

What You’ll Work On

You’ll help secure enterprise infrastructure operating within highly classified environments by designing and implementing security controls, supporting RMF accreditation efforts, conducting vulnerability remediation, performing incident response, and maintaining compliance with Intelligence Community and Department of Defense cybersecurity requirements.

Your work will span cloud environments, enterprise networking, virtualization platforms, endpoint security, vulnerability management, perimeter defense technologies, and continuous monitoring initiatives supporting critical mission systems.

Duties & Responsibilities

• Serve as a technical Information Assurance (IA) Security Engineer supporting enterprise systems throughout the system lifecycle.
• Develop, review, and maintain Information Security policies, procedures, Memorandums of Agreement (MOAs), and accreditation documentation.
• Support Certification & Accreditation (C&A) and Risk Management Framework (RMF) activities in accordance with ICD 503 and customer security requirements.
• Collaborate with software developers, systems engineers, project managers, and stakeholders to incorporate security into system design and implementation.
• Advise engineering teams on secure architecture, security controls, and regulatory compliance throughout project execution.
• Act as a representative of the Information System Security Manager (ISSM), ensuring compliance with applicable security policies and procedures.
• Support the operation, maintenance, and disposition of classified information systems in accordance with approved System Security Plans (SSPs).
• Develop and deliver user security awareness training and ensure users understand their Information Assurance responsibilities.
• Investigate security incidents, recommend corrective actions, and coordinate mitigation activities.
• Ensure enterprise hardware and software configurations comply with DISA Security Technical Implementation Guides (STIGs).
• Implement and enforce Information Assurance policies and security controls documented within RMF authorization packages.
• Perform Operations and Sustainment (O&S) support for enterprise network security infrastructure including firewalls, web gateways, mail gateways, intrusion detection systems, load balancers, and security management platforms.
• Configure, maintain, and harden enterprise security technologies to defend against emerging cyber threats.
• Perform forensic log and network traffic analysis to investigate security events and respond to escalated incidents.
• Administer and maintain security monitoring platforms including ACAS, HBSS, Carbon Black, Tanium, RedSeal, EMET, and related enterprise cybersecurity tools.
• Review vulnerability findings, analyze Plans of Action and Milestones (POA&Ms), and coordinate remediation efforts.
• Execute vulnerability remediation activities utilizing ACAS security scan results and customer security guidance.
• Support integration testing, operational readiness assessments, and system security validation.
• Maintain technical documentation, architecture diagrams, security procedures, and operational standards.
• Present security assessments, compliance reports, and technical findings to customer leadership and engineering teams.
• Participate in Configuration Control Boards (CCBs), technical reviews, and enterprise security planning efforts.
• Support multiple concurrent projects while operating effectively in a dynamic, mission-focused environment.

Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related technical discipline, or an equivalent combination of education, certifications, and experience.
• 10+ years of experience supporting Information Assurance, Cybersecurity Engineering, or Information Security within enterprise environments.
• Active Top Secret/SCI security clearance.
• IAM Level II certification in accordance with DoD 8570.01-M prior to start.
• Demonstrated experience supporting RMF and ICD 503 authorization processes.
• Experience securing Cloud Infrastructure, including AWS-based environments.
• Experience implementing and maintaining DISA STIG compliance.
• Experience with vulnerability management and enterprise security assessment tools.
• Strong understanding of enterprise networking, VLANs, routing, firewalls, virtualization, and Windows Active Directory.
• Experience with Unix and/or Red Hat Enterprise Linux administration.
• Experience developing PowerShell, Bash, Shell, or similar automation scripts.
• Strong written and verbal communication skills with the ability to present technical information to leadership.

Preferred Qualifications

Experience with one or more of the following technologies:

• CISSP, CAP, GSLC, CISM, or equivalent advanced cybersecurity certification
• AWS Cloud Security
• ACAS
• HBSS
• Carbon Black
• Tanium
• RedSeal
• EMET
• Windows Enterprise Administration
• VMware Virtualization
• Active Directory
• Enterprise Network Security
• Firewall Engineering
• Security Architecture
• Systems Administration
• Network Engineering
• Security Automation and Scripting
• Incident Response
• Digital Forensics
• Vulnerability Assessment and Remediation

Clearance Requirements

• Active DoD TS/SCI
• Ability to obtain a Counterintelligence (CI) Polygraph

Other Notes

• Some travel may be required: Must have valid driver’s license and transportation. This is subject to change at the direction of the customer.
• If accommodation is needed with your application or the interview process for applicants with disabilities, please contact Human Resources at 703-594-8601.
• Candidate must have the ability to lift up to 50 lbs.
• Must have willingness to perform duties not listed in the job description as required by INflow and our customer.

Citizenship Requirements

* Please note that INflow Federal is a defense contractor. Pursuant to our government contracts, candidates must be US Citizens to be considered for employment.

Equal Opportunity Employer 

Diversity and Inclusion

INflow provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

This commitment applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, leaves of absence, compensation, and training. Job applicants and employees are evaluated solely on job-related qualifications and experience.