Systems Engineer - Security

About The Position

Requirements

• 6+ years of progressive experience designing, engineering, and securing enterprise‑scale IT systems across complex network environments
• Senior‑level knowledge in architecting, deploying, and maintaining security infrastructure, including endpoint protection, vulnerability management, configuration management, and enterprise hardening solutions
• Demonstrated experience leading security engineering initiatives, including implementing advanced security controls, designing secure configurations, and overseeing patch and update strategies for Linux and Windows environments
• Extensive hands‑on experience with enterprise security tools, such as Ivanti, WSUS, Trellix, Tenable, or equivalent platforms, including tool integration, optimization, and lifecycle management
• Strong understanding of security frameworks and compliance requirements, such as NIST RMF, NIST 800‑53, STIGs, or equivalent federal/DoD standards
• Demonstrated ability to lead complex troubleshooting efforts, perform root‑cause analysis, and drive long‑term remediation strategies across enterprise systems
• Experience mentoring junior engineers, providing technical leadership, and contributing to team capability development
• Required IAT/Management‑level certification: one or more of the following — CASP+, CISSP, or equivalent senior‑level certification
• Required vendor certification in one or more relevant technologies (e.g., Microsoft, VMware, Cisco, NetApp, Pure Storage, HP, Dell, Linux+, Red Hat, HBSS, ACAS). Candidates without an active certification must obtain at least one within 6 months of hire
• Security Clearance Required: TS/SCI

Nice To Haves

• Bachelors Degree
• Experience working within a SOC
• Prior Military experience

Responsibilities

• Architect, implement, and maintain enterprise security controls and infrastructure components across Windows, Linux, and virtualized environments
• Lead the design, deployment, configuration, and lifecycle management of endpoint hardening and security tools (e.g., Ivanti, WSUS, Trellix, Tenable)
• Oversee patch management processes, including OS updates, third‑party software updates, and administrative tool upgrades
• Provide expert‑level troubleshooting, root‑cause analysis, and performance optimization for complex security and infrastructure issues
• Evaluate, recommend, and lead the adoption of new security tools, technologies, and methodologies
• Develop and maintain security documentation, including SSPs, RMF artifacts, engineering diagrams, and operational procedures
• Design and implement security requirements within enterprise business processes and technical architectures
• Support vulnerability assessments, interpret results, and develop risk‑based mitigation strategies
• Conduct system hardening, configuration baselining, and compliance scanning to ensure adherence to security standards
• Support and guide incident response activities, including forensic analysis and containment strategies
• Collaborate with cross‑functional teams to ensure security is embedded throughout system lifecycles
• Mentor and provide technical leadership to junior and mid‑level security engineers
• Contribute to long‑term security strategy, capability development, and continuous improvement initiatives
• Support a diverse set of enterprise networks and mission environments as part of a high‑performing security engineering team

Benefits

• Health, dental, and vision insurance
• Paid time off and holidays
• Retirement benefits (including 401(k) matching)
• Educational reimbursement
• Parental leave
• Employee stock purchase plan
• Tax-saving options
• Disability and life insurance
• Pet insurance