Senior Cybersecurity Engineer

Description:
Hybrid 2-3 days onsite in Washington, DC

Our client seeks a senior cybersecurity engineer to deliver NSA CSfC-compliant architectures for secure communications in classified environments. The role drives implementation of Data-at-Rest and Data-in-Transit solutions, SIEM integration, and operational readiness while contributing immediately in a mission-critical setting.

Due to federal security clearance requirements, applicant must be a United States Citizen with an active Top Secret clearance. This is a full-time, permanent opportunity, offering a competitive salary and comprehensive benefits package. Qualified applicants must be willing and able to work on a w2 basis.

Salary: $185,000 - $225,000/ yr. w2

Responsibilities:
Responsibilities

• Design and implement secure communications solutions that comply with NSA Commercial Solutions for Classified standards.
• Implement CSfC capability packages and protection profile requirements using layered commercial products.
• Architect and deploy compliant Data-at-Rest and Data-in-Transit solutions.
• Configure encrypted tunneling, key management, and secure transport mechanisms in classified environments.
• Integrate solutions with SIEM platforms and support security monitoring and incident detection.
• Analyze solution performance and compliance and provide recommendations for improvement.
• Operate in a mission-critical environment with minimal ramp-up and deliver immediate contributions.
• Engage senior government stakeholders to support security architecture decisions.

Experience Requirements:
Experience Requirements

• Active Top-Secret clearance with SCI eligibility.
• Required technical certifications include Security+ and CySA+ or GSEC.
• DoD 8140 certification aligned to the 521 Cyber Defense Infrastructure Support Specialist work role such as Security+, SSCP, CySA+, PenTest+, CASP+, GCIH, CISSP, or GSLC.
• 7+ years of cybersecurity experience with at least 3 years implementing CSfC capability packages.
• Proven experience designing and implementing CSfC-compliant architectures.
• Hands-on experience creating Data-at-Rest and Data-in-Transit architectures using layered commercial products.
• Operational experience with encrypted tunneling, key management, and secure transport in classified environments.
• Experience supporting security monitoring and incident detection with SIEM integration and performance and compliance analysis.
• Ability to contribute immediately in a mission-critical operational environment.
• Advanced cybersecurity certifications such as GCIH, GCIA, or CASP+ (preferred).
• Expert-level certifications such as CISSP (preferred).
• Cloud security certifications such as CCSP, AZ-500, or AWS Security Specialty (preferred).
• Advanced incident response or defensive certifications such as GCED (preferred).
• Experience with endpoint detection and response platforms such as Microsoft Defender or CrowdStrike (preferred).
• Prior experience supporting classified, sensitive, or high-visibility defense or intelligence programs (preferred).
• Experience operating in secure or restricted environments with elevated access controls (preferred).
• Experience interfacing with senior government stakeholders and supporting security architecture decisions (preferred).
• Hands-on experience implementing or operating CSfC-compliant architectures aligned to NSA capability packages (preferred).

Education Requirements:
Education Requirements

• Bachelor's degree in Cybersecurity, Computer Science, or a related field preferred, or equivalent relevant experience.
• Security+ certification.
• CySA+ or GSEC certification.
• DoD 8140-aligned certifications such as SSCP, PenTest+, CASP+, GCIH, CISSP, or GSLC.
• Preferred certifications may include GCIA, CCSP, AZ-500, AWS Security Specialty, and GCED.
• Active Top-Secret clearance with SCI eligibility.