Cybersecurity Engineer

CMT Services IncWashington, DC, DC
Hybrid

About The Position

The Cybersecurity Engineer designs, implements, and maintains enterprise security controls that enforce Zero Trust — identity-centric access, least-privilege enforcement, continuous monitoring, and threat detection across cloud, network, and endpoint environments — ensuring security technologies and services are configured, hardened, and continuously monitored to strengthen CBO’s posture and detection/response capabilities.

Requirements

  • Hands-on experience engineering enterprise security controls across cloud, network, and endpoint per NIST SP 800-53 and NIST SP 800-207 Zero Trust.
  • Experience with IAM, RBAC, PAM, and MFA, and integration with enterprise identity providers.
  • Experience with SIEM and EDR/XDR — centralized logging, continuous monitoring, threat detection, triage, containment, and forensic collection.
  • Experience with vulnerability management, NIST RMF risk analysis, secure-baseline hardening, and patch/mitigation coordination.
  • Experience securing AWS and Azure cloud/hybrid environments and supporting audit readiness, SOPs, RCA, and 24/7 operations.
  • Bachelor’s degree in IT, Cybersecurity, or related field

Responsibilities

  • Support implementation, operation, and optimization of enterprise security platforms across cloud, on-premises, and hybrid environments.
  • Implement/maintain controls aligned with NIST SP 800-53 (AC, CM, SC, AU, IR, SI families) and NIST SP 800-207 Zero Trust.
  • Design/maintain least-privilege access — RBAC, privileged access management (PAM), and MFA across enterprise systems.
  • Configure/manage IAM solutions; integrate with enterprise identity providers for secure authentication/authorization.
  • Configure/maintain centralized logging, monitoring, and audit; integrate with enterprise SIEM; comply with retention policies.
  • Conduct continuous monitoring, vulnerability assessment, and risk analysis aligned with NIST RMF; harden systems/apps/cloud to secure baselines.
  • Secure cloud/hybrid environments (AWS, Azure) — security services, identity controls, network protections, workload security.
  • Identify/remediate vulnerabilities; coordinate patching/mitigation; support IR (alert monitoring, analysis, containment, forensic collection).
  • Maintain segmentation/access strategies to limit lateral movement; follow formal change management with security impact analysis.
  • Develop/maintain cybersecurity SOPs, system configurations, baselines, and asset inventories; perform RCA; support 24/7 monitoring (SIEM, EDR/XDR, cloud-native tools).
  • Collaborate with network, cloud, and application teams; serve as technical resource for advanced service desk and security issues.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service