Security Engineer

Paradyme, a CATHEXIS Company is a rapidly growing government technology leader that puts service first, for its customers, its team and the communities it supports. We harness DevSecOps and Agile development processes to deliver exceptional results for digital transformations. With headquarters office in Tysons Corner, VA, Paradyme’s award-winning culture sets it apart through its team’s deep commitment to service and collaboration with its customers, each other and the community. Learn more at www.paradyme.us .

Paradyme, a CATHEXIS Company is hiring a Security Engineer.  The candidate will be an experienced Security Engineer with knowledge in US Government system security accreditation processes. In this position efforts will run full system lifecycle, from initial design and architecture through assessment and continuous monitoring. Extensive knowledge of NIST Risk Management Framework (RMF) and associated controls (NIST SP 800-*, etc) is required.

Responsibilities

• Possess a strong business and IT background to validate IT related solutions that gives the best results to the customer
• Develop and maintain system security documentation, including System Security Plans (SSPs), POA&Ms, Security Assessment Reports (SARs), and other ATO-related artifacts.
• Conduct security control assessments (SCAs), vulnerability scans, and risk analysis to support accreditation efforts.
• Interface with stakeholders including ISSMs, ISSOs, system owners, and government security officials.
• Support the integration of security into DevSecOps pipelines and cloud-native environments, where applicable.
• Advise engineering teams on secure design principles and NIST SP 800-53 control implementation strategies.
• Maintain awareness of evolving federal cybersecurity policies and regulations (NIST 800-series, Zero Trust, etc.).

Qualifications

• Bachelors Degree in related field or area of expertise.
• 7+ year information technology experience.
• 3+ years of experience supporting federal RMF and system accreditation efforts.
• Strong understanding of NIST SP 800-53, FISMA, and associated compliance frameworks.
• Experience developing and maintaining security documentation and working within governance tools (e.g., eMASS, Xacta, CSAM).
• Knowledge of common enterprise technologies (Windows, Linux, networking, cloud platforms).
• Strong analytical, documentation, and communication skills.
• Certified Information Systems Security Professional (CISSP) certification strongly preferred.
• Familiarity with DevSecOps environments or infrastructure-as-code (Terraform, Ansible) preferred.
• Working knowledge of vulnerability scanning and analysis tools (e.g., Nessus, OpenVAS, Trivy, ACAS) preferred.

Physical Requirements: These are the essential physical requirements needed to successfully perform the job.

• Sedentary work.
• Requires sitting up to 8 hours per day.
• May require lifting up to 5 pounds unassisted.
• Fine repetitive motor skills with hands, wrists, and fingers in coordination with eyes.
• Hearing, speaking, and vision: Adequate to perform job duties and communicate in person, via video, and telephone. Includes reading information from printed sources and computer screens.
• Other: Work may be performed in an office environment, which may involve frequent contact with staff and the public. Work may be stressful at times.

Paradyme, a CATHEXIS Company is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact HR@paradyme.us