Security Engineer

Guidehouse•Manassas, VA

32d•Onsite

About The Position

Guidehouse is seeking a Security Engineer to support security operations, compliance, and risk management activities for a federal government client within the a Federal Government Agency environment. This role supports enterprise applications, infrastructure, and cloud environments by ensuring adherence to federal cybersecurity requirements while strengthening the security posture of mission-critical client systems.

Requirements

Bachelor’s degree. Additional Four (4) years of exp can be used in lieu of degree.
Minimum of Two(2) years of experience .
Experience supporting federal Security programs.
Hands-on experience with vulnerability scanning and analysis tools such as Tenable, Qualys, or similar platforms.
Working knowledge of RMF processes, NIST security controls, and federal compliance requirements.
Experience securing and supporting Windows, Linux/UNIX, and cloud-based systems.
Strong technical writing, documentation, and communication skills.
Ability to analyze complex security issues and communicate risk clearly to both technical and non-technical stakeholders.
U.S. Citizenship required.
Must be able to obtain Public Trust Clearance.

Nice To Haves

Prior experience supporting Federal Government Agency systems.
Experience with AWS security services (e.g., GuardDuty, CloudTrail, Audit Manager).
Professional cybersecurity certifications such as Security+, CISA, CEH, AWS Security Specialty, or equivalent.
Experience supporting continuous monitoring, ATO renewals, or FedRAMP-aligned systems.
Familiarity with zero trust concepts, identity and access management, and secure network architectures.

Responsibilities

Support cybersecurity and information assurance activities for client systems in accordance with federal security standards and organizational policies.
Conduct vulnerability management and assessment activities across applications, operating systems, databases, cloud, and network environments using tools such as Tenable and Qualys.
Analyze, validate, and prioritize vulnerability findings, coordinating remediation efforts with system owners, engineers, and operations teams.
Support Risk Management Framework (RMF) activities, including implementation, assessment, and continuous monitoring of security controls.
Maintain and update RMF artifacts including POA&M entries, security documentation, and system authorization materials.
Monitor system and network security events and logs to identify potential threats, misconfigurations, and compliance issues.
Evaluate technical and policy-based security controls aligned with NIST SP 800-53, FISMA, FedRAMP, and related federal guidance.
Support cloud security operations and monitoring efforts within AWS environments, leveraging native security services.
Document security findings, remediation recommendations, and compliance activities to support audits and leadership reporting.
Collaborate closely with developers, system administrators, architects, SOC teams, and government stakeholders to improve overall system security.
Participate in incident response, vulnerability remediation validation, and continuous monitoring initiatives.

Benefits

Medical, Rx, Dental & Vision Insurance
Personal and Family Sick Time & Company Paid Holidays
Parental Leave
401(k) Retirement Plan
Group Term Life and Travel Assistance
Voluntary Life and AD&D Insurance
Health Savings Account, Health Care & Dependent Care Flexible Spending Accounts
Transit and Parking Commuter Benefits
Short-Term & Long-Term Disability
Tuition Reimbursement, Personal Development, Certifications & Learning Opportunities
Employee Referral Program
Corporate Sponsored Events & Community Outreach
Care.com annual membership
Employee Assistance Program
Supplemental Benefits via Corestream (Critical Care, Hospital Indemnity, Accident Insurance, Legal Assistance and ID theft protection, etc.)
Position may be eligible for a discretionary variable incentive bonus