Cyber Engineer

About The Position

Requirements

• 3 to 6 years of progressive, hands-on experience in cybersecurity engineering with a focus on cloud environments.
• Bachelor’s degree in Cybersecurity, Computer Science, Information Assurance, or a related field. Relevant experience may substitute.
• Solid understanding of NIST 800-53, FedRAMP, FISMA, and STIG frameworks and their application in cloud environments.
• Hands-on experience with vulnerability management tools (Tenable.io, Qualys, Prisma Cloud, or equivalent).
• Practical experience with STIG implementation and hardening automation across Linux, Windows, and cloud-native services.
• Working knowledge of SIEM platforms (Splunk preferred) — log onboarding, SPL queries, alert configuration.
• Familiarity with cloud-native security services across AWS (Security Hub, GuardDuty, Config), Azure (Defender for Cloud), and/or GCP (Security Command Center).
• Understanding of IAM, secrets management, and encryption key management in cloud environments.
• Experience supporting ATO processes: control documentation, evidence collection, and POA&M management.
• Scripting proficiency in Python, Bash, or PowerShell for security automation and remediation tasks.
• U.S. Citizenship and the ability to obtain and maintain a DHS suitability / Public Trust clearance.

Nice To Haves

• CompTIA Security+ (required at hire), CASP+, or CISSP.
• Cloud security certifications: AWS Security Specialty, Microsoft SC-200/SC-300, CCSP, or equivalent.
• Certified Ethical Hacker (CEH) or GIAC certifications (GCIH, GCED, or GWAPT).
• DHS, or other federal cybersecurity program experience.
• Active Public Trust or higher clearance.

Responsibilities

• Perform continuous vulnerability scanning, analysis, and remediation tracking across cloud-hosted infrastructure and applications using tools such as Tenable.io, Prisma Cloud, or equivalent.
• Apply and validate STIG configurations across operating systems, cloud services, and containerized workloads; develop and maintain hardening scripts and automation.
• Support the Plan of Action and Milestones (POA&M) process — tracking open findings, validating remediations, and preparing reporting for program leadership and government stakeholders.
• Implement and maintain security controls aligned to NIST 800-53 Rev 5, FedRAMP High baselines, and DHS 4300A; support ATO documentation and continuous authorization activities.
• Integrate security tooling into CI/CD pipelines — SAST, DAST, container image scanning, SBOM generation, and secrets detection.
• Configure and maintain SIEM integrations (Splunk or equivalent), including log source onboarding, alert tuning, and incident triage support.
• Support Cloud Security Posture Management (CSPM) operations — misconfiguration detection, remediation, and drift prevention across AWS, Azure, and GCP.
• Conduct threat modeling and security architecture reviews for new cloud services and application deployments.
• Participate in incident response activities: containment, evidence collection, root cause analysis, and after-action reporting.
• Collaborate with Cloud Systems Engineers, Network Engineers, and DevOps teams to embed security into infrastructure and delivery workflows.

Benefits

• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k, IRA)
• Life Insurance (Basic, Voluntary & AD&D)
• Paid Time Off (Vacation, Sick & Public Holidays)
• Family Leave (Maternity, Paternity)
• Short Term & Long Term Disability
• Training & Development
• Work From Home
• Wellness Resources
• Employee Bonus Programs