Posted today
Top Secret
Senior Level Career (10+ yrs experience)
$107,900 - $180,050
IT - Security
Lorton, VA (On-Site/Office)
Tenable Engineer
Location: Lorton, Virginia
Remote Type: No Remote
Clearance: Top Secret/SCI
Pay Range $107,900.00 - $180,050.00 (w/some flexibility) / 1099 or C2C Opportunity as well.
Seeking a Tenable Engineer supporting the Department of Homeland Security (DHS).
Primary Responsibilities
The Tenable Engineer – Linux / Tenable Compliance is responsible for securing and hardening enterprise Linux servers, managing Tenable vulnerability scanning platforms, and driving compliance across on-prem and cloud environments. This role sits at the intersection of operations and governance: building and maintaining secure baselines, tuning Tenable scans, interpreting results, and partnering with engineering teams to remediate findings in line with organizational policies and regulatory requirements.
The ideal candidate has strong hands-on Linux (RHEL/Ubuntu) experience, deep familiarity with Tenable.sc / Nessus, and a proven track record of supporting compliance frameworks (e.g., NIST, DISA STIGs, CIS benchmarks).Implement and maintain secure network architectures (e.g., segmentation, zoning, DMZs, zero-trust-aligned designs) in accordance with organizational policies and industry best practices.
Administer and harden Linux servers (e.g., RHEL, Rocky, Ubuntu) including OS configuration, patching, and security baseline enforcement.
Install, configure, and maintain Tenable platforms (Tenable.sc, Nessus, Nessus Agents, connectors) to support continuous vulnerability scanning.
Develop and maintain scanning policies, schedules, and dashboards to provide accurate visibility into security posture.
Analyze Tenable scan results; validate true positives vs false positives and work with system and application owners to drive timely remediation.
Map vulnerabilities and configuration findings to relevant compliance requirements (e.g., NIST 800-53, DISA STIGs, CIS benchmarks, organizational policies).
Support the creation and maintenance of secure configuration baselines and hardening guides for Linux servers and related middleware.
Generate compliance and vulnerability reports for leadership, auditors, and governance teams; track remediation progress and aging.
Collaborate with infrastructure, DevOps, and application teams to integrate security and compliance into change management, patch cycles, and deployment pipelines.
Participate in security incident response activities related to Linux hosts, including log review, containment, and forensic support.
Contribute to SOPs, playbooks, and runbooks for vulnerability management, patching, and compliance monitoring.
Maintain all Body of Evidence (BOE) documentation for which they are the prime author for the duration of the contract. The Contractor shall update the documentation to correspond with product updates released in response to software updates and patches. The Contractor shall document all changes to the security posture of the system and provide those documents to the government for review and approval.
Basic Qualifications
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field and 8+ years experience; or additional equivalent experience may be considered in lieu of a degree.
5–8+ years of hands-on experience administering and securing Linux systems in an enterprise environment.
Active TS/CI government security clearance
Direct experience with Tenable.sc and/or Nessus for vulnerability management (configuration, policy creation, agent management, reporting).
Solid understanding of vulnerability management lifecycle: discovery, assessment, prioritization, remediation, and verification.
Experience implementing or supporting security/compliance frameworks such as NIST 800-53, DISA STIGs, CIS benchmarks, or similar.
Strong skills in Linux CLI, shell scripting, and basic automation (e.g., Bash, Python, Ansible) to support configuration and remediation.
Familiarity with log management and SIEM solutions and how they integrate with Linux hosts.
Ability to interpret technical vulnerabilities (CVEs, CVSS) and clearly communicate risk and remediation options to technical and non-technical stakeholders.
Excellent documentation skills, including the ability to produce clear procedures, diagrams, and reports.
Preferred Qualifications
Experience with configuration management tools (e.g., Ansible, Puppet, Chef, Salt) to enforce secure baselines at scale.
Experience working in regulated or audit-heavy environments (e.g., FISMA, FedRAMP, PCI-DSS, HIPAA, SOX).
Familiarity with Windows server hardening and cross-platform vulnerability management.
Experience integrating Tenable with ticketing/ITSM tools for automated ticket creation and tracking.
Certifications such as Linux+, RHCSA/RHCE, Security+, CySA+, Tenable-certified, CISSP, or similar.
Experience in federal / DoD / IC / state & local government, or other large enterprise environments.
Location: Lorton, Virginia
Remote Type: No Remote
Clearance: Top Secret/SCI
Pay Range $107,900.00 - $180,050.00 (w/some flexibility) / 1099 or C2C Opportunity as well.
Seeking a Tenable Engineer supporting the Department of Homeland Security (DHS).
Primary Responsibilities
The Tenable Engineer – Linux / Tenable Compliance is responsible for securing and hardening enterprise Linux servers, managing Tenable vulnerability scanning platforms, and driving compliance across on-prem and cloud environments. This role sits at the intersection of operations and governance: building and maintaining secure baselines, tuning Tenable scans, interpreting results, and partnering with engineering teams to remediate findings in line with organizational policies and regulatory requirements.
The ideal candidate has strong hands-on Linux (RHEL/Ubuntu) experience, deep familiarity with Tenable.sc / Nessus, and a proven track record of supporting compliance frameworks (e.g., NIST, DISA STIGs, CIS benchmarks).Implement and maintain secure network architectures (e.g., segmentation, zoning, DMZs, zero-trust-aligned designs) in accordance with organizational policies and industry best practices.
Administer and harden Linux servers (e.g., RHEL, Rocky, Ubuntu) including OS configuration, patching, and security baseline enforcement.
Install, configure, and maintain Tenable platforms (Tenable.sc, Nessus, Nessus Agents, connectors) to support continuous vulnerability scanning.
Develop and maintain scanning policies, schedules, and dashboards to provide accurate visibility into security posture.
Analyze Tenable scan results; validate true positives vs false positives and work with system and application owners to drive timely remediation.
Map vulnerabilities and configuration findings to relevant compliance requirements (e.g., NIST 800-53, DISA STIGs, CIS benchmarks, organizational policies).
Support the creation and maintenance of secure configuration baselines and hardening guides for Linux servers and related middleware.
Generate compliance and vulnerability reports for leadership, auditors, and governance teams; track remediation progress and aging.
Collaborate with infrastructure, DevOps, and application teams to integrate security and compliance into change management, patch cycles, and deployment pipelines.
Participate in security incident response activities related to Linux hosts, including log review, containment, and forensic support.
Contribute to SOPs, playbooks, and runbooks for vulnerability management, patching, and compliance monitoring.
Maintain all Body of Evidence (BOE) documentation for which they are the prime author for the duration of the contract. The Contractor shall update the documentation to correspond with product updates released in response to software updates and patches. The Contractor shall document all changes to the security posture of the system and provide those documents to the government for review and approval.
Basic Qualifications
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field and 8+ years experience; or additional equivalent experience may be considered in lieu of a degree.
5–8+ years of hands-on experience administering and securing Linux systems in an enterprise environment.
Active TS/CI government security clearance
Direct experience with Tenable.sc and/or Nessus for vulnerability management (configuration, policy creation, agent management, reporting).
Solid understanding of vulnerability management lifecycle: discovery, assessment, prioritization, remediation, and verification.
Experience implementing or supporting security/compliance frameworks such as NIST 800-53, DISA STIGs, CIS benchmarks, or similar.
Strong skills in Linux CLI, shell scripting, and basic automation (e.g., Bash, Python, Ansible) to support configuration and remediation.
Familiarity with log management and SIEM solutions and how they integrate with Linux hosts.
Ability to interpret technical vulnerabilities (CVEs, CVSS) and clearly communicate risk and remediation options to technical and non-technical stakeholders.
Excellent documentation skills, including the ability to produce clear procedures, diagrams, and reports.
Preferred Qualifications
Experience with configuration management tools (e.g., Ansible, Puppet, Chef, Salt) to enforce secure baselines at scale.
Experience working in regulated or audit-heavy environments (e.g., FISMA, FedRAMP, PCI-DSS, HIPAA, SOX).
Familiarity with Windows server hardening and cross-platform vulnerability management.
Experience integrating Tenable with ticketing/ITSM tools for automated ticket creation and tracking.
Certifications such as Linux+, RHCSA/RHCE, Security+, CySA+, Tenable-certified, CISSP, or similar.
Experience in federal / DoD / IC / state & local government, or other large enterprise environments.
group id: 10507520
