Endpoint Security Engineer
About The Position
RIVA Solutions is seeking a mission-driven Endpoint Security Engineer to support the Department of Health and Human Services (HHS) Office of Inspector General (OIG). This individual will work in a hybrid capacity based in Washington, DC, and provide technical security engineering, endpoint device protection, and vulnerability reporting services. This position plays a key role in ensuring cybersecurity compliance across HHS systems and endpoints while aligning with federal mandates such as NIST, FISMA, FedRAMP, and CISA directives. The Endpoint Security Engineer will be responsible for engineering and maintaining secure endpoint systems, delivering vulnerability reports, and supporting Certification & Accreditation (C&A) processes. The role requires experience working in federal environments and familiarity with compliance standards, technical documentation, and presenting remediation strategies to leadership.
Requirements
- Bachelor’s degree in Information Systems, Computer Science, Engineering, or equivalent experience.
- 5–8 years of experience in cybersecurity engineering and endpoint management.
- Familiarity with federal cybersecurity standards and compliance documentation, including: NIST SP 800 series (800-53, 800-207, etc.), FISMA, FedRAMP, and FIPS 140-2, CISA Binding Operational Directives
- Hands-on experience with vulnerability management and reporting tools.
- Experience with system hardening, patching, and SIEM integrations.
- Strong technical writing and communication skills.
- Must be a U.S. Citizen and able to obtain a Public Trust clearance.
Nice To Haves
- Advanced degree in Cybersecurity, Computer Science, or related field.
- Security certifications (e.g., Security+, CISSP, CISM, CEH).
- Prior experience supporting HHS, DHS, DoD, or other federal agencies.
- Familiarity with Zero Trust Architecture and endpoint detection tools.
Responsibilities
- Endpoint Security Engineering
- Hands-on experience with vulnerability assessment, CVE/KEV reporting, and remediation tracking.
- Experience preparing and presenting security findings and compliance reports to executive management.
- Expertise in endpoint engineering and SIEM integration.
- Strong documentation and technical writing skills, including C&A documentation.
- Vulnerability Management & Compliance Reporting
- Monitor and assess CVE and Known Exploited Vulnerabilities (KEVs) published by CISA.
- Report and track vulnerabilities in compliance with CISA Binding Operational Directives (BODs).
- Deliver vulnerability and risk assessments to senior stakeholders.
- Support documentation related to SSPs, POA&Ms, and penetration test reports.
- Security Support & Accreditation
- Assist with system security documentation, audit responses, and remediation efforts.
- Provide log forwarding support to SIEM systems for continuous monitoring.
- Safeguard Personally Identifiable Information (PII) following NIST SP 800-122 guidelines.
Benefits
- Health, Dental, and Vision Coverage
- Life Insurance
- Retirement Benefits / 401K with Company Matching
- HSA / FSA Spending Accounts
- Long- and Short-Term Disability
- Pet Insurance
- Wellness Program Initiatives
- RIVA Flex – Flexible Work Environment
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
Associate degree
Number of Employees
101-250 employees
