Title:
Information Systems Security Engineer (ISSE)
Position Summary:
Support the secure deployment and operation of the GEMSTONE platform across classified and unclassified environments, including air-gapped on-premises systems, ensuring systems are hardened, compliant, and accredited while helping evolve GEMSTONE into a secure hybrid cloud/on-prem platform.
Key Responsibilities:
Work closely with developers to integrate security into platform design and deployment workflows
Ensure systems comply with DoD STIGs, RMF controls, and security accreditation requirements
Support deployment of a modeling and simulation platform in cloud and on-premises Kubernetes environments with UDS Core
Support and secure air-gapped deployments, including installation, updates, and sustainment in disconnected environments
Collaborate with the platform team to design and evolve a hybrid architecture spanning cloud and on-prem systems
Implement and validate security controls, patching, and vulnerability remediation processes
Support Authority to Operate (ATO) activities, including documentation, validation, and audit readiness
Partner with the ISSM to maintain continuous monitoring and compliance posture
Assess and secure containerized workloads, APIs, and Kubernetes-based services
Guide implementation of network security, access controls, and boundary protections in classified environments
Participate in security reviews, risk assessments, and incident response activities
Support accreditation and deployment of applications transitioning to higher classification levels
Work Environment:
Qualifications:
Required:
- Bachelors degree in Computer Science or engineering related field
- 5+ years of experience in information system security engineering (ISSE) or software development/engineering
- Experience with Linux and Kubernetes
- Strong experience applying DoD STIGs, RMF framework, and security compliance requirements
- Experience supporting ATO processes for classified or government systems
- Experience securing Linux-based systems and hardened environments
- Familiarity with Kubernetes platforms and container security practices
- Experience supporting air-gapped or disconnected system deployments
- Experience securing hybrid cloud and on-premises architectures
- Knowledge of network security principles, including segmentation and access control
- Security+ certification
- Ability to identify and mitigate system vulnerabilities and cyber risks
- Strong collaboration skills to work with developers, platform engineers, and ISSM stakeholders
- Active TS clearance, SCI eligible required
- Must be located in Colorado Springs, CO and able to work on-site in a SCIF
Desired:
- Experience with Kubernetes distributions (e.g., UDS Core, OpenShift, Rancher)
- Familiarity with container security tools and vulnerability scanning platforms
- Experience with DevSecOps and securing CI/CD pipelines
- Knowledge of cross-domain or multi-classification system architectures
Basic Compensation:
$130,000-$170,000
This range is for the Colorado area only
The offered rate will be based on the selected candidate’s work location, knowledge, skills, abilities and/or experience, clearance level, contract affordability and in consideration of internal parity.
Ready to Make a Difference?
If you’re excited about making a significant impact in the field of space defense and working on projects that matter, we encourage you to apply and join our team at KBR. Let's shape the future together.
KBR Benefits
KBR offers a selection of competitive lifestyle benefits which could include 401K plan with company match, medical, dental, vision, life insurance, AD&D, flexible spending account, disability, paid time off, or flexible work schedule. We support career advancement through professional training and development.