COLSA is seeking multiple Information Systems Security Engineers – SME candidates for Key Personnel roles in support of a proposal anticipated in February 2026. Employment is contingent upon task order award.  

• Responsible for leading the implementation of a SAA (Security Assessment and Authorization) Program 
• Lead, mentor, and supervise a team of security professionals responsible for the end-to-end implementation of the RMF lifecycle for agency IT systems.
• Oversee and coordinate activities within the Prepare step, ensuring roles, responsibilities, and risk management strategies are clearly defined and maintained.
• Guide system categorization efforts to ensure all information systems are appropriately classified based on mission/business impact and regulatory requirements.
• Direct the selection, tailoring, and documentation of security controls aligned with system categorizations,  risk appetite, and compliance requirements.
• Oversee the implementation of technical, operational, and management controls throughout system and application lifecycles, with a particular focus on quality and completeness of all deliverables.
•  Ensure comprehensive security control assessments are planned, executed, and documented to validate the effectiveness of implemented safeguards.
• Prepare risk management documentation for system authorization and executive decision-making
•  Direct ongoing monitoring and continuous assessment activities, collecting metrics to adjust security strategies and ensure sustained compliance.
• Serve as a principal technical advisor on cybersecurity, bringing subject-matter expertise to risk analysis, incident response, system remediation, and audit support efforts.
• Foster a culture of security awareness, providing technical guidance and training to both team members and stakeholders.
• Track, report, and communicate status, risks, and improvement opportunities related to security engineering activities to leadership and stakeholders.
• Maintain up-to-date knowledge of RMF, NIST guidance, and industry best practices in support of continuous process improvement.

At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our “Family of Professionals!” Learn about our employee-centric culture and benefits here. 

Required Qualifications

• Bachelor’s degree in related discipline or equivalent experience 
• Minimum of 10 years of related experience
• Demonstrated experience leading RMF execution for complex, enterprise-scale systems.
• Strong knowledge of NIST RMF, security controls, assessment methodologies, and authorization processes.
• Proven ability to lead technical teams and influence senior stakeholders.
• Excellent written and verbal communication skills, including experience briefing executives and government leadership.
• Must currently hold an active Top Secret (TS) clearance. Clearance must be recent (issued or revalidated within the past five years) and meet requirements for SCI eligibility.

Preferred Qualifications

• Master’s degree in a relevant technical or security discipline.
• Professional certifications such as CISSP, CASP CE, CSSLP, CISSP-ISSEP, and/or CISSP-ISSAP
• Direct experience supporting federal civilian and federal law enforcement cybersecurity programs.
• Experience operating in high-compliance, mission-critical environments.
• Familiarity with audit, inspection, and continuous monitoring activities at scale

Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.