ZipRecruiter

Log In

1

Information System Security Jobs (NOW HIRING)

Markon

Information System Security Engineer

Chantilly, VA · On-site

$150K - $180K/yr

Perform Information System Security Engineering (ISSE) activities throughout the system development lifecycle in accordance with NIST SP 800-160, NRO RMF requirements, and applicable cybersecurity ...

Cymertek

Information System Security Officer

Reston, VA · On-site

Information System Security Officer LOCATION Reston, VA 20190 CLEARANCE TS/SCI Full Poly (Please note this position requires full U.S. Citizenship) KEY SUMMARY We are seeking a dedicated and detail ...

Markon

Information System Security Engineer

Chantilly, VA · On-site

$150K - $180K/yr

Perform Information System Security Engineering (ISSE) activities throughout the system development lifecycle in accordance with NIST SP 800-160, NRO RMF requirements, and applicable cybersecurity ...

Cymertek

Information System Security Officer

Aurora, CO · On-site

Information System Security Officer LOCATION Aurora, CO 80014 CLEARANCE TS/SCI Full Poly (Please note this position requires full U.S. Citizenship) KEY SUMMARY We are seeking a dedicated and detail ...

next page

Showing results 1-20

All JobsInformation System Security Jobs

Information System Security information

See salary details

$46K

$118.3K

$184.5K

How much do information system security jobs pay per year?

As of Jun 22, 2026, the average yearly pay for information system security in the United States is $118,327.00, according to ZipRecruiter salary data. Most workers in this role earn between $95,000.00 and $138,000.00 per year, depending on experience, location, and employer.

What does an information security job do?

An information security job involves protecting computer systems, networks, and data from cyber threats and unauthorized access. Professionals in this field implement security measures, monitor for breaches, and respond to incidents, often using tools like firewalls, encryption, and intrusion detection systems. Certifications such as CISSP or CompTIA Security+ are common in this role.

What is the difference between Information System Security vs Network Security?

AspectInformation System SecurityNetwork Security
FocusProtecting entire information systems, including hardware, software, data, and processesSecuring network infrastructure, data in transit, and network devices
CredentialsCertifications like CISSP, CISA, Security+Certifications like CCNA Security, CompTIA Security+
Work EnvironmentIT departments, cybersecurity teams, enterprise environmentsNetwork operations centers, cybersecurity teams, enterprise networks
UsageBroad security policies, risk management, system auditsFirewall configuration, intrusion detection, network monitoring

While both roles aim to protect organizational assets, Information System Security encompasses a broader scope, including hardware, software, and data, whereas Network Security specifically targets network infrastructure and data in transit. Understanding these differences helps organizations assign appropriate security responsibilities and professionals.

What are some common challenges faced by professionals in Information System Security roles, and how can they be addressed?

Professionals in Information System Security often encounter challenges such as staying current with rapidly evolving threats, managing complex compliance requirements, and balancing security protocols with user convenience. Addressing these challenges involves continuous learning through certifications and training, implementing robust monitoring tools, and fostering strong communication with other departments to ensure security measures support business objectives. Collaboration with IT, legal, and management teams is essential for proactive risk management and creating a security-aware culture within the organization.

What is Information System Security?

Information System Security, also referred to as InfoSec, involves protecting digital information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. Professionals in this field develop and enforce policies, implement security measures, and monitor network activity to safeguard sensitive data. They work to prevent cyberattacks, detect vulnerabilities, and ensure compliance with security standards and regulations. The role is essential in maintaining the confidentiality, integrity, and availability of organizational information and technology resources.

Is 40 too old for cyber security?

Information System Security professionals can enter the field at any age, as experience, skills, and certifications like CISSP or CompTIA Security+ are often more important than age. Many individuals successfully transition into cybersecurity later in their careers, bringing valuable perspectives and expertise. Age should not be a barrier to pursuing a career in cybersecurity if you have the necessary skills and motivation.

Can you make $500,000 a year in cyber security?

Information System Security professionals can potentially earn $500,000 annually, especially at senior levels or in executive roles such as Chief Information Security Officer (CISO). Achieving this salary typically requires extensive experience, advanced certifications like CISSP or CISM, and working in high-demand industries or organizations with large security budgets.

What are the key skills and qualifications needed to thrive as an Information System Security professional, and why are they important?

To thrive as an Information System Security professional, you need a deep understanding of cybersecurity principles, risk assessment, and network security, often supported by a degree in computer science or related fields. Familiarity with security tools such as firewalls, intrusion detection systems, and certifications like CISSP or CompTIA Security+ are typically required. Strong analytical thinking, attention to detail, and effective communication skills help professionals anticipate threats and explain complex issues to non-technical stakeholders. These skills and qualities are crucial to proactively protecting organizational assets and ensuring compliance with security standards.

Can I make $200 a year in cyber security?

Information System Security professionals typically earn much more than $200 annually, with entry-level positions often starting at several thousand dollars per year and experienced roles reaching six figures. Achieving higher salaries generally requires relevant certifications, skills in security tools, and experience in the field.
More about Information System Security jobs
What cities are hiring for Information System Security jobs? Cities with the most Information System Security job openings:
What states have the most Information System Security jobs? States with the most job openings for Information System Security jobs include:
What job categories do people searching Information System Security jobs look for? The top searched job categories for Information System Security jobs are:
Information System Security jobs near you
Infographic showing various Information System Security job openings in the United States as of June 2026, with employment types broken down into 78% Full Time, 21% Part Time, and 1% Contract. Highlights an 94% Physical, 2% Hybrid, and 4% Remote job distribution, with an average salary of $118,327 per year, or $56.9 per hour.

Information System Security Engineer

Markon

Chantilly, VA • On-site

$150K - $180K/yr

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 12 days ago

Job description

Description
Markon is building a talent pool of Information System Security Engineers (ISSEs) to support our IC client from Chantilly, VA. The ideal candidate will have in-depth knowledge and experience with secure systems engineering, firewall administration, and NIST/FISMA/RMF standards.
Responsibilities
  • Perform Information System Security Engineering (ISSE) activities throughout the system development lifecycle in accordance with NIST SP 800-160, NRO RMF requirements, and applicable cybersecurity directives.
  • Capture, refine, and document information protection requirements and ensure their integration into system acquisitions, engineering activities, and development efforts.
  • Integrate security functional requirements into acquisition lifecycle phases, program milestones, engineering documentation, and system development processes.
  • Assess cybersecurity risks, identify mitigation strategies, evaluate residual risk, and provide risk-based recommendations to stakeholders.
  • Support Risk Management Framework (RMF) activities, including system categorization, control implementation, assessment support, authorization support, and continuous monitoring activities.
  • Develop and maintain cybersecurity documentation supporting RMF and Assessment & Authorization (A&A) activities, including System Security Plans (SSPs), Security Assessment Reports (SARs), Plans of Action and Milestones (POA&Ms), risk assessments, and related artifacts.
  • Evaluate proposed system changes, technology integrations, and engineering solutions to determine cybersecurity impacts and recommend appropriate security requirements.
  • Support the design, development, implementation, integration, and sustainment of secure information systems and information assurance architectures.
  • Analyze system and network architectures to identify security requirements and recommend protections that support confidentiality, integrity, availability, authentication, and non-repudiation.
  • Recommend security architectures and engineering solutions that align with mission objectives, performance requirements, and cybersecurity best practices.
  • Conduct technical assessments to identify vulnerabilities, threats, and risks affecting enterprise, cloud, network, and mission systems.
  • Support vulnerability management activities, including vulnerability analysis, remediation planning, risk evaluation, and implementation of corrective actions.
  • Assess and recommend security controls, common controls, and compensating controls to address identified security requirements and risks.
  • Support the integration and implementation of Cross Domain Solutions (CDS) and coordinate with relevant stakeholders to ensure compliance with organizational processes and authorization requirements.
  • Apply Information Assurance (IA) and cybersecurity principles in support of enterprise IT systems, communications systems, cloud environments, and mission networks.
  • Support configuration management activities to maintain the security posture of hardware, software, operating systems, applications, and infrastructure components.
  • Participate in system testing, integration testing, security validation activities, and engineering reviews to verify security requirements have been properly implemented.
  • Collaborate with system engineers, program managers, security control assessors, authorizing officials, and other stakeholders to support system authorization and cybersecurity objectives.
  • Research emerging cybersecurity threats, vulnerabilities, technologies, and countermeasures and provide recommendations to improve system security and resiliency.
  • Participate in Integrated Product Teams (IPTs), engineering working groups, cybersecurity reviews, and technical forums to support mission and program objectives.
  • Support resilient system design and cybersecurity best practices that enable systems to operate through disruption, degradation, or hostile activity.

Qualifications
Minimum Qualifications:
  • An Active TS/SCI with a Counter Intelligence Poly (highly preferred from this client)
  • Bachelor's degree in Computer Science, Cybersecurity, Information Assurance, Information Systems, Computer Engineering, or a related technical field.
  • Minimum of three (3) years of experience supporting Information System Security Engineering (ISSE), cybersecurity engineering, information assurance, risk management, or related cybersecurity disciplines.
  • Current Information Assurance Management (IAM) Level II or equivalent qualifying certification in accordance with contract requirements:
    • CAP (Certified Authorization Professional)
    • CASP+ (CompTIA Advanced Security Practitioner)
    • CISM (Certified Information Security Manager)
    • CISSP (Certified Information Systems Security Professional)
    • GSLC (GIAC Security Leadership Certification)
    • CCISO (Certified Chief Information Security Officer)
  • Experience supporting cybersecurity activities throughout the system development lifecycle.
  • Knowledge of Risk Management Framework (RMF), NIST cybersecurity guidance, and Assessment & Authorization (A&A) processes.
  • Knowledge of cybersecurity principles, information assurance concepts, systems security engineering methodologies, and secure system design practices.
  • Experience evaluating security requirements, implementing security controls, and supporting cybersecurity compliance efforts.

Desired Qualifications:
  • Knowledge of ICD 503 and Intelligence Community authorization processes.
  • Experience supporting NRO, Intelligence Community, Department of Defense, or National Security systems.
  • Experience developing RMF authorization packages and supporting Authority to Operate (ATO) efforts.
  • Experience supporting cloud security, virtualization technologies, or enterprise infrastructure environments.
  • Experience supporting Windows, Linux, Unix, and macOS operating environments.
  • Experience integrating Commercial Off-The-Shelf (COTS) and Government Off-The-Shelf (GOTS) technologies.
  • Experience supporting Cross Domain Solutions (CDS), ICS/SCADA systems, or space system cybersecurity activities.

Salary Range
USD $150,000.00 - USD $180,000.00 /Yr.
The Markon pay range for this position is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Overview
Eager to join a team where your skills are valued, your growth is nurtured, and your impact is profound? Look no further than Markon, a premier consulting firm deeply dedicated to advancing our nation's most critical missions.
At Markon, we don't just offer jobs - we offer opportunities for personal and professional transformation. Empowering our employees to lead, innovate, and excel, we foster an environment where new ideas are not just welcomed but celebrated. As a perennial Washington Post Top Workplace, we prioritize the well-being and success of our team members, ensuring they can bring their best selves to work.
Headquartered in Falls Church, Virginia, Markon has garnered national recognition for our unwavering dedication to excellence in serving the intelligence community, as well as federal civilian and defense agencies. Our growing reach extends across 17 states, 116 countries, and 5 continents, where our team of dynamic professionals collaborates to deliver unparalleled program and project management services.
Markon values people and the tremendous impact each individual can make - which is why we're consistently recognized as one of the best places to work in federal government consulting. Here, you can help solve the nation's most important challenges, surrounded by colleagues who help you grow, advance, and succeed. We are deeply dedicated to what matters - bringing out the best in each other to advance our clients' missions.
Join us and make a meaningful impact.
Markon is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, national origin, age, protected veteran status, or disability status. This job posting will remain open until the position is filled.
Benefits Offered: Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Flexible Spending Accounts, EAP, Training and Tuition Assistance, Paid Time Off, and Holidays

Apply