Security Engineer - Junior

BDR Solutions LLC•Herdon, KY

3d•$80,000 - $110,000

About The Position

BDR Solutions LLC is seeking a motivated Security Engineer to support secure data platform operations within an IRS cloud environment. This role focuses on implementing security controls, supporting tenant onboarding, and assisting with continuous monitoring and compliance activities aligned with federal standards. The ideal candidate will have foundational experience in cloud and IT security, working knowledge of AWS security services, and familiarity with NIST 800-53 and FedRAMP requirements. In this role, you will contribute to security reviews, vulnerability management, IAM governance, and audit support, ensuring adherence to established policies and timelines. You will collaborate with senior cybersecurity staff to maintain documentation, support compliance efforts, and help safeguard sensitive data through strong access controls and security best practices.

Requirements

Active MBI required
IRS or federal agency security experience preferred
2–4 years in IT security, cloud security, or compliance roles
CompTIA Security+ required; CompTIA CySA+ or Cloud+ preferred
Working knowledge of AWS security services: IAM, CloudTrail, Security Hub, GuardDuty
Familiarity with NIST 800-53 security controls and FedRAMP requirements
Basic experience with vulnerability scanning tools (Tenable, Qualys, or equivalent)
Understanding of RBAC and least-privilege access principles
Bachelor's degree in Cybersecurity, Information Technology, or equivalent experience
Minimum Background Investigation (MBI) — ACTIVE
U.S Citizenship is required
Select applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information and be able to obtain a government-granted security clearance.
Individuals may also be subject to a background investigation including, but not limited to criminal history, employment and education verification, drug testing, and creditworthiness.

Nice To Haves

Experience managing POA&M lifecycle beyond basic updates, POA&M management
Exposure to risk scoring and remediation prioritization frameworks
Familiarity with automated vulnerability scanning pipelines
Experience with eMASS or federal ATO processes
AWS Config/Inspector
SIEM tools (Splunk, ELK, CloudWatch)
Identity governance solutions (SailPoint, Okta)
Data security and PII protection
Basic scripting or automation skills.

Responsibilities

Support tenant onboarding security classification activities and technical guardrails implementation
Assist with security reviews for new data intake requests and Data Sharing Agreement compliance checks
Support daily security monitoring, IAM entitlement reviews, and alert triage
Assist with vulnerability scanning coordination and POA&M tracking updates
Maintain security documentation including Risk Assessment Checklists (RACs) and Non-Disclosure Agreements
Support preparation of audit evidence packages under direction of Senior Cybersecurity Specialist
Monitor IRS Security Awareness Training (SAT) compliance for all contractor personnel