Cyber Security Engineer IV

Company Description

Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. We deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide.

Job Description

SOSi is seeking an experienced Cybersecurity Engineer to join our team at SOS International in Reston, VA. This role strengthens SOSi's enterprise and customer-facing security posture across on-prem, Microsoft 365/Azure, and multi-cloud environments (AWS, GCP, OCI). You will engineer, implement, and continuously improve controls that protect CUI/FCI and other sensitive data, align with federal frameworks, and enable secure, reliable mission delivery.

Essential Job Duties

Classified Systems Leadership (ISSM)

• Program Oversight: Lead SOSi Corporate Classified Information Systems and serve as the primary ISSM for all classified spaces.
• Compliance Frameworks: Develop and conduct risk assessment procedures to verify RMF/A&A safeguards in accordance with NISPOM/DAAPM, RMF, JSIG, and NIST 800-series (800-53, 800-171) guidelines.
• A&A Management: Direct all cybersecurity tasks including Authorization and Accreditation (A&A), risk management, vulnerability management, and privacy analysis.
• Authorization to Operate (ATO): Author and maintain critical security documentation, including System Security Plans (SSP) and Security Controls, to obtain and sustain system ATOs.
• Remediation: Collaborate with system owners to address Plan of Action and Milestones (POA&M) and conduct continuous evaluations of system security controls.

Security Engineering & Architecture

• Zero-Trust Implementation: Design and implement security reference architectures for endpoints, networks, identity, and cloud workloads aligned with zero-trust principles.
• Cloud Security: Engineer guardrails (policies, blueprints, landing zones), encryption, secrets management, and container security (Kubernetes) across Azure, AWS, GCP, or OCI using Infrastructure as Code (Bicep/Terraform).
• Identity & Access Management (IAM): Enforce least-privilege, RBAC/ABAC, and MFA/conditional access across Microsoft Entra ID (Azure AD) and supporting directories.

Threat Detection & Incident Response

• Operations: Build and tune detections (SIEM/EDR) and manage the end-to-end incident lifecycle: triage, evidence preservation, containment, eradication, and recovery.
• Continuous Monitoring: Define audit events, ensure reliable log collection/integrity, and generate compliance reports for leadership and external auditors.
• Active Defense: Coordinate with incident response teams to facilitate penetration testing, forensic analysis, and tabletop exercises.

Vulnerability & Data Protection

• Vulnerability Management: Operate and mature the vulnerability management program (e.g., Qualys), tracking findings through remediation and Change Advisory Board (CAB) control.
• Data Safeguarding: Enforce classification/labeling and FIPS-validated encryption for CUI/FCI data at rest and in transit, including secure handling of removable media and sanitization.
• Secure Baselines: Implement and maintain secure configuration baselines based on CIS/STIG requirements.

Qualifications

Minimum Requirements

• Bachelor's degree in Cyber Security, Information Technology, Computer Science, or a related field; OR equivalent experience.
• Minimum seven years of experience in cyber security or a related field.
• Strong understanding of network security, endpoint security, cloud security, and application security.
• Experience with security technologies such as intrusion detection/prevention systems, SIEM, antivirus software, and encryption techniques.
• Familiarity with regulatory requirements and standards such as CMMC, NIST, and ISO/IEC 27001.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal abilities.
• Ability to work independently and as part of a team.
• Detail-oriented and committed to maintaining high standards of security.
• Proven track record of successfully managing and mitigating cyber threats and incidents.
• Experience in developing and implementing security strategies and policies.

Preferred Qualifications

• Current active, in-scope DoD Secret clearance, with the ability to obtain a TS/SCI clearance.
• One or more relevant certifications: Security+, CISSP, CASP+, CCSP, CISM, GIAC (e.g., GCIH/GCIA/GCED/GCLD), AZ-500, SC-200/300, or cloud-provider security certs.
• Background with vulnerability management at scale (e.g., Qualys) and secure baseline management (CIS/STIG).
• Familiarity with email security, DLP, MDM/MAM, ZTNA/secure web gateways, and container/Kubernetes security.
• Master's degree is a plus.

Additional Information

Work Environment

• Working conditions are normal for an office environment, both on-site and hybrid work environments.
• Fast paced, deadline-oriented environment.
• May require periods of non-traditional working hours including consecutive nights or weekends (if applicable).
• Hybrid work in local areas is possible.

Working at SOSi

All interested individuals will receive consideration and will not be discriminated against for any reason.