Cybersecurity Engineer

About The Position

Requirements

• Bachelor’s degree in Information Technology, Business, Engineering, or a related field required
• 3–6 years of hands-on experience in cybersecurity engineering, security operations, or compliance roles
• Demonstrated experience implementing or assessing controls against NIST SP 800-53 and/or NIST SP 800-171
• Working knowledge of CMMC Level 2 requirements and the assessment process
• Proficiency with security tooling such as SIEM platforms (Splunk, Microsoft Sentinel, or similar), EDR solutions (CrowdStrike, Defender for Endpoint), and vulnerability scanners (Tenable, Qualys)
• Familiarity with Microsoft 365 GCC-High or equivalent government cloud environments
• Experience with network segmentation, firewall policy review, and secure architecture principles
• Strong documentation skills — SSPs, POA&Ms, risk registers, and security policies
• Ability to obtain security clearance required

Nice To Haves

• Master’s degree preferred
• Prefer an active Secret Clearance
• Experience with the Fortinet product stack
• Familiarity with ITAR, EAR, or export-controlled data handling requirements
• Exposure to OT/ICS security standards (IEC 62443, NIST SP 800-82)
• Scripting or automation experience (PowerShell, Python, Ansible)
• Certifications: Security+, CISSP, CISM, CCP (CMMC Certified Professional), or CASP+

Responsibilities

• Work in conjunction with our SOC and Managed Service provider to Implement, configure, and tune cybersecurity tools including SIEM, EDR, vulnerability management platforms, and network monitoring solutions to meet CMMC and NIST 800-53 control requirements
• Conduct gap analyses and support internal and third-party compliance assessments (C3PAO readiness) for CMMC Level 2 certification
• Develop, maintain, and continuously improve System Security Plans (SSPs), Plans of Action & Milestones (POA&Ms), and associated documentation
• Monitor security alerts, investigate anomalies, and lead incident response activities in accordance with documented IR procedures
• Enforce CUI (Controlled Unclassified Information) handling policies and ensure data flows are properly segmented and protected across on-premises and cloud environments
• Collaborate with IT and engineering teams to integrate security controls into infrastructure design, cloud migrations, and system deployments
• Perform regular vulnerability scans, risk assessments, and remediation tracking in accordance with NIST RMF processes
• Support audit readiness activities including evidence collection, control testing, and stakeholder interviews
• Stay current with evolving DoD cybersecurity requirements, DIBNet guidance, and CMMC Accreditation Body updates

Benefits

• collaborative, mission-driven team that prioritizes innovation, continuous learning, and professional development
• empower our employees to take initiative, drive meaningful impact, and build rewarding long-term careers