Remote Cybersecurity Engineer

Description:

• The Cybersecurity Engineer will focus on security assessment and authorization, including analyzing security assessment documentation, developing and managing Plans of Action and Milestones (POA&M), ensuring compliance with IT security policies, and maintaining system security posture.
• Responsibilities include developing POA&Ms with detailed descriptions of weaknesses, associated NIST 800-53 security controls, remediation milestones, and timelines.
• The role involves recording and maintaining POA&Ms in a mandated repository, tracking remediation progress, reviewing and validating artifacts, recommending closure of milestones, updating IT security documentation, preparing materials for contingency training, and developing briefing materials for stakeholders.
• The Engineer will support independent IT security assessments, conduct vulnerability scans, analyze results, generate reports, and collaborate with IT teams to implement remediation plans.

Requirements:

• Bachelor’s degree in Cybersecurity, Information Technology, or related field; advanced degree preferred.
• Minimum of five (5) + years of cybersecurity experience, with at least 3 years in a senior engineering role.
• Ability to obtain and maintain a Public Trust.
• Extensive experience with NIST 800-53 controls and developing/managing POA&Ms in a federal environment.
• Proficiency with cybersecurity tools like Tenable Nessus, Splunk, and McAfee ePO.
• In-depth understanding of federal cybersecurity compliance frameworks (FISMA, FedRAMP, RMF), strong analytical skills, and excellent communication skills.
• Working experience with Governance risk and compliance tools such as eMASS and Xacta.

Benefits:

• Competitive salary and benefits package.
• Opportunity to work remotely.
• Chance to work with a team specializing in Cybersecurity, Cloud, and Digital Services for the Public Sector.
• Equal Opportunity/Affirmative Action employer providing a diverse and inclusive work environment.