Security Engineer II

RELXRaleigh, NC
Hybrid
Match Resume

About The Position

Execute monthly FedRAMP Continuous Monitoring activities, ensuring timely and accurate completion of deliverables. Maintain and update Plans of Action and Milestones (POA&Ms), including tracking remediation progress and validating closure. Review and analyze vulnerability scan results (e.g., Nessus) and assist with prioritization and escalation. Maintain an accurate, up-to-date view of vulnerability status across the environment. Track vulnerabilities through the full lifecycle: identification, validation, remediation, and closure. Monitor and report on aging vulnerabilities and SLA adherence. Ensure consistency between scan results, ticketing systems (e.g., ServiceNow), and POA&M records. Maintain continuous operational visibility into the security posture of FedRAMP systems, including vulnerabilities, assets, and control status. Validate that security-relevant data (scan results, logs, asset inventory, and tracking systems) is complete, accurate, and aligned across sources. Identify gaps in visibility (e.g., missing assets, incomplete scan coverage, inconsistent data) and escalate appropriately. Support continuous monitoring activities aligned with FedRAMP and NIST 800-137 (ISCM) expectations. Assist in ensuring that logging, monitoring, and security tooling provide sufficient coverage to support ongoing risk awareness and audit readiness. Prepare and maintain audit-ready documentation and ConMon artifacts, including monthly summaries. Partner with engineering, cloud, and security teams to support timely remediation efforts. Assist with annual assessments and audit preparation, including coordination with internal and external auditors. Identify recurring issues or trends and escalate to the senior lead for resolution.

Requirements

  • 2–4 years of experience in cybersecurity, vulnerability management, or compliance operations
  • Exposure to FedRAMP, NIST 800-53, or similar security frameworks
  • Hands-on experience working with vulnerability scanning tools (e.g., Nessus, Qualys)
  • Experience tracking vulnerabilities or security findings in a ticketing or tracking system (e.g., ServiceNow, Jira)
  • Strong organizational skills with the ability to manage and track large volumes of findings accurately
  • High attention to detail and commitment to maintaining data accuracy and consistency
  • Ability to identify and investigate discrepancies across multiple data sources
  • Understanding of the importance of continuous monitoring, system visibility, and audit readiness in regulated environments
  • Strong written and verbal communication skills
  • Ability to work independently while collaborating closely with a senior lead and cross-functional teams
  • BS Engineering/Computer Science or equivalent experience required
  • U.S. Citizenship required
  • Must meet IAL2 (Identity Assurance Level 2) requirements

Nice To Haves

  • Experience with FedRAMP Continuous Monitoring processes or reporting
  • Familiarity with POA&M management and audit support activities
  • Exposure to logging, monitoring, or SIEM platforms
  • Experience improving workflows through automation or scripting (e.g., PowerShell, Python, Power Automate)

Responsibilities

  • Execute monthly FedRAMP Continuous Monitoring activities
  • Maintain and update Plans of Action and Milestones (POA&Ms)
  • Review and analyze vulnerability scan results
  • Track vulnerabilities through the full lifecycle
  • Monitor and report on aging vulnerabilities and SLA adherence
  • Ensure consistency between scan results, ticketing systems, and POA&M records
  • Maintain continuous operational visibility into the security posture of FedRAMP systems
  • Validate that security-relevant data is complete, accurate, and aligned across sources
  • Identify gaps in visibility and escalate appropriately
  • Support continuous monitoring activities aligned with FedRAMP and NIST 800-137 (ISCM) expectations
  • Assist in ensuring that logging, monitoring, and security tooling provide sufficient coverage
  • Prepare and maintain audit-ready documentation and ConMon artifacts
  • Partner with engineering, cloud, and security teams to support timely remediation efforts
  • Assist with annual assessments and audit preparation
  • Identify recurring issues or trends and escalate to the senior lead

Benefits

  • annual incentive bonus

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Job Search Resources

Similar Security Engineer II job opportunities

Security Engineer II
Paragon Technology Group, Inc
Paragon Technology Group, Inc • Scott AFB, IL4d • Onsite
Security Engineer II
Early Warning Services
Early Warning Services • Scottsdale, AZ2d • Hybrid
Security Engineer II
Reed Technology
Reed Technology • Raleigh, NC3d • Hybrid
Security Engineer II
Microsoft
Microsoft • Redmond, WA8d • Onsite
Security Engineer II
Akamai
Akamai • Cambridge, MA4d • Hybrid
Security Engineer II
Early Warning®
Early Warning® • Scottsdale, AZ3d • Hybrid

Tools

Templates & Examples

Resources

Comparisons

Company

Over 4 Million Users
Free AI tools and resources to help you land your next job, faster
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service