Security Clearance: Active TS required with SCI eligibility (Polygraph a plus) About Istari Digital Istari Digital delivers a model-based digital engineering platform used by defense and aerospace organizations to design and operate mission-critical systems. Our platform is deployed into classified and high-security environments, where cybersecurity is foundational—not optional. Role Overview We are hiring a Cybersecurity Engineer to support customer deployments in classified environments, ensuring Istari’s platform operates securely, compliantly, and reliably in real-world mission systems. This role sits within Customer Success and focuses on hands-on system and infrastructure security—not just documentation or policy. Depending on your background, you may lean more toward: System hardening (Windows/Linux) Secure network infrastructure (classified environments) In this role YOU will be the difference between a platform that looks secure on paper, and one that actually works inside real classified mission environments. What You'll Do

Deploy and secure Istari’s platform in:

SIPR, JWICS, and air-gapped environments

Implement and validate:

DISA STIGs

NIST 800-53 / 800-171 controls

Perform hands-on security work, including:

System hardening (Windows & Linux)

Vulnerability scanning (ACAS/Nessus)

STIG validation and remediation

POA&M management

Design, configure, or support secure network architectures, including:

Segmentation, boundary defense, and routing in classified environments

Troubleshoot and resolve:

Security configuration issues

Connectivity and compliance blockers

Work directly with:

Customer security teams (ISSO, ISSM, AO, SCA)

Program and infrastructure teams

Provide feedback to engineering on:

Real-world deployment constraints

Security gaps and improvements

Required Qualifications

Must-Haves

Active TS clearance with SCI eligibility

Security+ (required) — CISSP, CISM, or CASP+ preferred

4+ years of hands-on experience in cybersecurity, system administration, or network engineering

Direct experience with:

NIST 800-53 / 800-171

DISA STIGs

Experience operating in:

Classified environments (SIPR, JWICS, SAP)

Your Background (You may come from one or both areas)

Experience Profile A: System Hardening (System Administration)

Strong experience securing:

Windows and/or Linux systems

Hands-on System Patching, STIG implementation and validation

Experience running scans, remediating findings, and managing POA&Ms

Experience Profile B: Secure Infrastructure (Network Engineering)

Experience designing or supporting:

Secure network architectures in classified environments

Knowledge of:

Network segmentation, boundary defense, and secure connectivity

Familiarity with STIGs for network devices and infrastructure

What Makes You a Strong Fit

You started in a technical role (SysAdmin, Network, SOC) and moved into security

You’ve done real, hands-on work—not just compliance oversight

You’re comfortable working:

In deploying emerging technology into real-world classified environments

Under time pressure to meet deployment or mission deadlines

You stay long enough to see systems through deployment and accreditation

You’re comfortable in a startup environment—scrappy, fast-moving, and collaborative

You’re willing to do the work needed to get across the finish line, even when it’s manual

Cybersecurity Engineer – Classified Infrastructure (Customer Success)

TLDR

Must-Haves

Your Background (You may come from one or both areas)

Experience Profile A: System Hardening (System Administration)

Experience Profile B: Secure Infrastructure (Network Engineering)