COLSA is seeking multiple Information Systems Security Engineers – SME candidates for Key Personnel roles in support of a proposal anticipated in February 2026. Employment is contingent upon task order award.
- Responsible for leading the implementation of an SAA (Security Assessment and Authorization) Program.
- Lead, mentor, and supervise a team of security professionals responsible for the end-to-end implementation of the RMF lifecycle for agency IT systems.
- Oversee and coordinate activities within the Prepare step, ensuring roles, responsibilities, and risk management strategies are clearly defined and maintained.
- Guide system categorization efforts to ensure all information systems are appropriately classified based on mission/business impact and regulatory requirements.
- Direct the selection, tailoring, and documentation of security controls aligned with system categorizations, risk appetite, and compliance requirements.
- Oversee the implementation of technical, operational, and management controls throughout system and application lifecycles, with a particular focus on quality and completeness of all deliverables.
- Ensure comprehensive security control assessments are planned, executed, and documented to validate the effectiveness of implemented safeguards.
- Prepare risk management documentation for system authorization and executive decision-making
- Direct ongoing monitoring and continuous assessment activities, collecting metrics to adjust security strategies and ensure sustained compliance.
- Serve as a principal technical advisor on cybersecurity, bringing subject-matter expertise to risk analysis, incident response, system remediation, and audit support efforts.
- Foster a culture of security awareness, providing technical guidance and training to both team members and stakeholders.
- Track, report, and communicate status, risks, and improvement opportunities related to security engineering activities to leadership and stakeholders.
- Maintain up-to-date knowledge of RMF, NIST guidance, and industry best practices in support of continuous process improvement.
_At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our “Family of Professionals!” Learn about our employee-centric culture and benefits here._
Required Qualifications
- Bachelor’s degree in related discipline or equivalent experience
- Minimum of 10 years of related experience
- Demonstrated experience leading RMF execution for complex, enterprise-scale systems.
- Strong knowledge of NIST RMF, security controls, assessment methodologies, and authorization processes.
- Proven ability to lead technical teams and influence senior stakeholders.
- Excellent written and verbal communication skills, including experience briefing executives and government leadership.
- Must currently hold an active Top Secret (TS) clearance. Clearance must be recent (issued or revalidated within the past five years) and meet requirements for SCI eligibility.
Preferred Qualifications
- Master’s degree in a relevant technical or security discipline.
- Professional certifications such as CISSP, CASP CE, CSSLP, CISSP-ISSEP, and/or CISSP-ISSAP
- Direct experience supporting federal civilian and federal law enforcement cybersecurity programs.
- Experience operating in high-compliance, mission-critical environments.
- Familiarity with audit, inspection, and continuous monitoring activities at scale
Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.