Security Clearance: Active TS required with SCI eligibility (Polygraph a plus)About Istari DigitalIstari Digital delivers a model-based digital engineering platform used by defense and aerospace organizations to design and operate mission-critical systems. Our platform is deployed into classified and high-security environments, where cybersecurity is foundational—not optional.Role OverviewWe are hiring a Cybersecurity Engineer to support customer deployments in classified environments, ensuring Istari’s platform operates securely, compliantly, and reliably in real-world mission systems.This role sits within Customer Success and focuses on hands-on system and infrastructure security—not just documentation or policy.Depending on your background, you may lean more toward:System hardening (Windows/Linux)Secure network infrastructure (classified environments)In this role YOU will be the difference between a platform that looks secure on paper, and one that actually works inside real classified mission environments.What You'll DoDeploy and secure Istari’s platform in:SIPR, JWICS, and air-gapped environmentsImplement and validate:DISA STIGsNIST 800-53 / 800-171 controlsPerform hands-on security work, including:System hardening (Windows & Linux)Vulnerability scanning (ACAS/Nessus)STIG validation and remediationPOA&M managementDesign, configure, or support secure network architectures, including:Segmentation, boundary defense, and routing in classified environmentsTroubleshoot and resolve:Security configuration issuesConnectivity and compliance blockersWork directly with:Customer security teams (ISSO, ISSM, AO, SCA)Program and infrastructure teamsProvide feedback to engineering on:Real-world deployment constraintsSecurity gaps and improvementsRequired QualificationsMust-HavesActive TS clearance with SCI eligibilitySecurity+ (required) — CISSP, CISM, or CASP+ preferred4+ years of hands-on experience in cybersecurity, system administration, or network engineeringDirect experience with:NIST 800-53 / 800-171DISA STIGsExperience operating in:Classified environments (SIPR, JWICS, SAP)Your Background (You may come from one or both areas)Experience Profile A: System Hardening (System Administration)Strong experience securing:Windows and/or Linux systemsHands-on System Patching, STIG implementation and validationExperience running scans, remediating findings, and managing POA&MsExperience Profile B: Secure Infrastructure (Network Engineering)Experience designing or supporting:Secure network architectures in classified environmentsKnowledge of:Network segmentation, boundary defense, and secure connectivityFamiliarity with STIGs for network devices and infrastructureWhat Makes You a Strong FitYou started in a technical role (SysAdmin, Network, SOC) and moved into securityYou’ve done real, hands-on work—not just compliance oversightYou’re comfortable working:In deploying emerging technology into real-world classified environmentsUnder time pressure to meet deployment or mission deadlinesYou stay long enough to see systems through deployment and accreditationYou’re comfortable in a startup environment—scrappy, fast-moving, and collaborativeYou’re willing to do the work needed to get across the finish line, even when it’s manualCompensation$116,000 - $174,000 a year (may be additionally eligible for stipend, one time incentive, or % differential for clearance)
