Cybersecurity Engineer II

About The Position

Requirements

• As a requirement of this position, all candidates must be a U.S. Citizen. In accordance with 8 U.S.C. 1324b(a)(2)(C) , we will not consider candidates for this position who do not meet the aforementioned conditions.
• Must have an active Secret clearance with the ability to obtain a Top Secret with SCI eligibility or have an active Top Secret with SCI eligibility. Will be subject to a federal background investigation.
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience).
• 3+ years of progressive experience in cybersecurity engineering, system security, or cyber defense roles.
• Current CompTIA Security+ Ce certification required
• Must hold the following certifications or have the ability to obtain them the within 3 months of hire date: Current DISA 201 ePO and 301 ePO certifications Current Splunk certification (Admin, Engineer, Analyst or Architect certs will be accepted)
• Advanced experience with Trellix ePO administration in enterprise environments.
• Strong proficiency with Splunk SIEM, including SPL queries, dashboards, alerts, and reporting.
• Hands-on experience with ACAS/Nessus vulnerability scanning and remediation tracking.
• Expertise securing Windows and Linux operating systems, including system hardening and patch management.
• Experience with STIGs, SCAP, and configuration compliance validation.
• Knowledge of network and host-based security technologies including EDR, IDS/IPS, firewalls, and SIEM.
• Familiarity with scripting and automation (PowerShell, Bash, or Python) to support security operations.
• Strong understanding of NIST RMF and system authorization lifecycles.

Responsibilities

• Design, implement, and maintain cybersecurity controls to protect enterprise systems and networks.
• Administer and optimize Trellix ePO (formerly McAfee ePO) for endpoint protection, policy enforcement, threat detection, and incident response across Windows and Linux systems.
• Operate and maintain ACAS/Nessus vulnerability scanning solutions; analyze findings and support remediation efforts.
• Develop, maintain, and enhance Splunk dashboards, alerts, and correlation rules for security monitoring, log analysis, and threat detection.
• Perform technical security assessments, vulnerability assessments, and configuration compliance reviews.
• Support RMF activities including SSP development, POA&M management, control implementation, and continuous monitoring.
• Apply STIGs and SCAP benchmarks to Windows and Linux systems; validate compliance and document results.
• Analyze security events, logs, and alerts to identify indicators of compromise and support incident response actions.
• Collaborate with system administrators, network engineers, and cybersecurity leadership to implement risk mitigations.
• Provide technical recommendations to improve overall cybersecurity posture based on emerging threats and trends.
• Develop technical documentation including SOPs, security procedures, and assessment reports.

Benefits

• AMERICAN SYSTEMS provides for the welfare of its employees and their dependents through a comprehensive benefits program by offering healthcare benefits, paid leave, retirement plans, insurance programs, and education and training assistance.