Security Engineer

Acuity INC, DC
Onsite

About The Position

Looking to make a difference, to help keep people safe, or even to save lives through your work with technology? Join Acuity’s team of experts to have an impact on our government’s critical missions. Acuity, Inc. is a consulting firm that supports federal agencies in the areas of IT Modernization, Data Enablement, and Hyperautomation. We are currently hiring for a Security Engineer.

Requirements

  • Must have hands-on expertise with respect to setting up and administering Fortify SSC, Fortify Security Assistant IDE Plugin, OWASP ZAP, and Audit Workbench
  • Have and maintain at least one active certification such as CISSP, CCISSP, CEH, CISM, CISA, Cloud+, CCSP, or other comparable certification which must be approved in advance by the Government PM (on a case-by-case basis)
  • Minimum of five (5) years of experience in security engineering or security operations
  • Experience in security process mapping, security process analysis, security process improvement concepts, models, and best practices
  • Experience with cloud Platform as a Service (PaaS), Software as a Service (SaaS) and other cloud services
  • Experience with Continuous Integration (CI)/Continuous Delivery (CD) - Deployment pipeline experience (Jenkins, Ansible, Terraform)
  • Experience or a strong knowledge of Data at Rest Application Programing Interface (API) design
  • Experience or a strong knowledge of programming languages (Python, Java etc.)
  • Experience or a strong knowledge of container/orchestration tools (Kubernetes, Docker, Puppet, etc)
  • Have a deep understanding of API Security, Container Security, Cloud Security
  • Advanced Microsoft Excel and Access skills to perform extensive data mining, correlation, and reporting
  • Contractor shall be staffed in the Washington, DC metropolitan area, unless explicitly approved by the Government PM
  • Experience working with NIST SP 800-53, RMF, FISMA, DHS and DoD policies
  • Excellent customer service, analytical, problem solving, team-building, and interpersonal skills
  • Ability to work independently and function as an integral part of the team
  • Excellent oral and written communication skills; technical and business focused, with the ability to document and describe security process information collected
  • Listening skills, the ability to detect explicit and implicit needs and wants
  • Demonstrated ability to exercise good judgment, prioritize multiple tasks, and problem solve under pressure of deadlines and resource constraints
  • Proven experience in building consensus and managing cross-functional teams
  • Must have an Active Secret clearance or higher, verifiable in JPAS

Nice To Haves

  • Some other tools besides Fortify that if they appear on the candidate’s experience could be reasonable substitutes: CAST, Code Compare, CodeScene Behavioral Code Analysis, CodeSonar, Coverity, Embold, Fortify Static Code Analyzer, Parasoft, PVS-Studio, Raxis, reshift, RIPS Technologies, SmartBear Collaborator, Understand, Visual Expert, Veracode

Responsibilities

  • Provide hands-on technical subject matter expertise with respect to setting up and administering Fortify SSC, Fortify Security Assistant IDE Plugin, OWASP ZAP, and Audit Workbench. Anticipate expanding to SonaType.
  • Administer applications and users.
  • Field troubleshooting questions for developers (i.e., connections to pipelines)
  • Field troubleshooting questions for front-end users (testers, security analysts -- "is this a false positive?", etc)
  • Work with Project teams to review vulnerabilities.
  • Familiar with Windows Server
  • Work autonomously in an area of specialization to analyze internal security and provide relevant information to internal and external customers, suppliers, and partners.
  • Have skill sets to perform computer incident response and remediation practices as outlined in NIST 800-61 (Computer Security Incident Handling Guide) and DHS 4300A Sensitive Systems Policy Handbook, Attachment F Incident Response. The staff will assist the Security Operation Center (SOC) on incident response actions for security incidents affecting the Cloud environment.
  • Assist with the implementation of monitoring capabilities for various audiences – developers, business owners, security, and infrastructure; analyze all platform level, network changes and monitor impact and provide appropriate technical solutions to resolve issues efficiently; evaluate and document operating baseline according to required standards.
  • Perform other duties as assigned by the Government.

Benefits

  • Competitive compensation
  • Comprehensive benefits
  • Personalized development plans
  • Mentorship
  • Up to $3,000 annually for training and certifications
  • Up to $3,000 for degree seeking programs
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service