Security Clearance: Active TS required with SCI eligibility (Polygraph a plus)
About Istari Digital
Istari Digital delivers a model-based digital engineering platform used by defense and aerospace organizations to design and operate mission-critical systems. Our platform is deployed into classified and high-security environments, where cybersecurity is foundational—not optional.
Role Overview
We are hiring a Cybersecurity Engineer to support customer deployments in classified environments, ensuring Istari’s platform operates securely, compliantly, and reliably in real-world mission systems.
This role sits within Customer Success and focuses on hands-on system and infrastructure security—not just documentation or policy.
Depending on your background, you may lean more toward:
-
System hardening (Windows/Linux)
-
Secure network infrastructure (classified environments)
In this role YOU will be the difference between a platform that looks secure on paper, and one that actually works inside real classified mission environments.
What You'll Do
-
Deploy and secure Istari’s platform in:
-
SIPR, JWICS, and air-gapped environments
-
Implement and validate:
-
DISA STIGs
-
NIST 800-53 / 800-171 controls
-
Perform hands-on security work, including:
-
System hardening (Windows & Linux)
-
Vulnerability scanning (ACAS/Nessus)
-
STIG validation and remediation
-
POA&M management
-
Design, configure, or support secure network architectures, including:
-
Segmentation, boundary defense, and routing in classified environments
-
Troubleshoot and resolve:
-
Security configuration issues
-
Connectivity and compliance blockers
-
Work directly with:
-
Customer security teams (ISSO, ISSM, AO, SCA)
-
Program and infrastructure teams
-
Provide feedback to engineering on:
-
Real-world deployment constraints
-
Security gaps and improvements
Required Qualifications
-
Active TS clearance with SCI eligibility
Security+ (required) — CISSP, CISM, or CASP+ preferred -
4+ years of hands-on experience in cybersecurity, system administration, or network engineering
-
Direct experience with:
-
NIST 800-53 / 800-171
-
DISA STIGs
-
Experience operating in:
-
Classified environments (SIPR, JWICS, SAP)
-
Strong experience securing:
-
Windows and/or Linux systems
-
Hands-on System Patching, STIG implementation and validation
-
Experience running scans, remediating findings, and managing POA&Ms
-
Experience designing or supporting:
-
Secure network architectures in classified environments
-
Knowledge of:
-
Network segmentation, boundary defense, and secure connectivity
-
Familiarity with STIGs for network devices and infrastructure
Must-Haves
Your Background (You may come from one or both areas)
Experience Profile A: System Hardening (System Administration)
Experience Profile B: Secure Infrastructure (Network Engineering)
What Makes You a Strong Fit
-
You started in a technical role (SysAdmin, Network, SOC) and moved into security
-
You’ve done real, hands-on work—not just compliance oversight
-
You’re comfortable working:
-
In deploying emerging technology into real-world classified environments
-
Under time pressure to meet deployment or mission deadlines
-
You stay long enough to see systems through deployment and accreditation
-
You’re comfortable in a startup environment—scrappy, fast-moving, and collaborative
-
You’re willing to do the work needed to get across the finish line, even when it’s manual