Security Engineer

Position Summary 

The Security Engineer is a critical technical role responsible for the design, implementation, and auditing of security controls to meet CMMC and NIST 800-171 requirements. This position focuses on securing highly regulated environments, including GCC-High, and requires expertise in writing comprehensive security policies.

This role requires a minimum of 5 years of experience in the cybersecurity field. The Security Engineer will lead CMMC audit preparation and assist with escalations from the SOC that require advanced engineering support.

Key Attributes

• Detail-oriented with a proactive approach to compliance and threat mitigation.
• Ability to adapt to new technologies and evolving regulatory landscapes.
• A team player with a strong focus on collaboration and continuous improvement.

Essential Duties and Responsibilities

CMMC Compliance and Audit Readiness:

• Perform advanced analysis to identify and mitigate vulnerabilities specifically related to CMMC and NIST 800-171 controls.
• Lead the implementation and optimization of security tools needed for compliance, including Microsoft Sentinel, Purview, and Microsoft Defender.
• Utilize Netsys and other specialized tools to meet and validate the 800-171 controls outlined in the CMMC.
• Author and maintain technical security policies and procedures required for official audits.

Security Engineering and SOC Support:

• Act as an escalation point for the SOC, providing technical guidance on complex security issues and incident response.
• Operate and tune security tools such as EDR, SIEM, and forensic tools to improve detection and alerting.
• Document lessons learned from security incidents and integrate them into compliance playbooks.

Collaboration and Reporting:

• Work closely with IT, engineering, and compliance teams to address and mitigate security risks across internal and MSP environments.
• Serve as a technical liaison between the security team and leadership, providing updates on the compliance and security landscape.
• Utilize AI platforms such as Co-Pilot, Gemini, or Claude to automate tasks and streamline compliance reporting.

Minimum Qualifications (Knowledge, Skills, and Abilities)

Technical Expertise:

• 5 or more years of documented experience in Cybersecurity.
• Strong understanding of NIST 800-171 and CMMC frameworks.
• Expertise in Microsoft Sentinel, Purview, and Microsoft Defender.
• Proficiency in managing security within GCC-High environments.
• Cloud Experience: Multi-cloud vendor experience, including Microsoft Azure and Google Cloud Platform, is preferred.
• Proficiency in scripting and automation for security processes (e.g., Python, PowerShell).
• Knowledge of Major AI platforms and tools.

Communication and Problem-Solving:

• Excellent analytical skills to perform detailed cyber threat and vulnerability assessments.
• Strong written communication skills for authoring security policies and reporting.
• Experience presenting technical findings to non-technical stakeholders.

Education and Certifications (Preferred):

• Bachelor’s degree in computer science, information security, or a related discipline.
• Relevant certifications such as CISSP, CEH, or specialized CMMC/NIST certifications.

Physical Demands and Work Environment 

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodation may be made to enable individuals with disabilities to perform these functions.

While performing the duties of this position, the employee is regularly required to talk or hear. The employee frequently is required to use hands or fingers, handle or feel objects, tools, or controls. The employee is occasionally required to stand, walk, sit, and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this position include close vision, distance vision, and the ability to adjust focus. The noise level in the work environment is usually low to moderate. 

Travel - Up to 20%

Shift

• Hours and shift determined by location.

Note

This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice. Employees will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. This document does not create an employment contract, implied or otherwise, other than an “at will” relationship.

The company is an Equal Opportunity Employer, drug free workplace, and complies with ADA regulations as applicable