Security Engineer

Description:
Onsite in Washington, DC

Our client seeks a Security Engineer to support a federal cybersecurity mission that protects critical transportation infrastructure. The role focuses on endpoint vulnerability management, risk assessment and mitigation, and clear communication with technical and non-technical stakeholders. You will collaborate with cross-functional teams, administrators, and federal counterparts to drive remediation, reporting, and continuous improvement of security posture. Experience with Tenable Nessus and federal frameworks is important.

Due to federal security clearance requirements, applicant must be a United States Citizen or Permanent Resident with an active Public Trust clearance. This is a contract to hire opportunity. Applicants must be willing and able to work on a w2 basis and convert to FTE following contract duration. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance.

Rate: $40.00 to $48.00/hr. w2

Responsibilities:

• Engage with federal leadership and counterparts to identify endpoint vulnerabilities and provide guidance on remediation actions.
• Coordinate with system and application administrators to meet remediation timelines.
• Develop and enhance vulnerability identification and remediation status tracking and reporting to present cyber risks.
• Troubleshoot issues associated with endpoint vulnerability scanning with administrators and federal counterparts.
• Work cybersecurity operations ITSM (ServiceNow) tickets to completion.
• Participate in cybersecurity and security operations meetings.
• Collaborate on and provide feedback to cybersecurity solutions that enhance overall security posture.

Experience Requirements:

• Six years in cybersecurity or related IT fields; or Bachelor's degree with five years; or Master's degree with four years.
• Hands-on experience with endpoint vulnerability scanning solutions, specifically Tenable Nessus.
• Experience with federal cybersecurity requirements such as FISMA and NIST 800 series.
• Strength in vulnerability management, risk assessment and mitigation, and comprehensive remediation.
• Ability to explain vulnerability management concepts to audiences unfamiliar with the domain.
• Ability to collaborate and coordinate with cross-functional teams.
• Familiarity with the vulnerability management lifecycle, application and technology stacks, cloud systems, operating systems, databases, networking, and firewalls (preferred).
• Familiarity with DLP, endpoint security software, network IDS/IPS, host-based IDS/IPS, and cybersecurity best practices and industry standards including NIST RMF and NIST CSF (preferred).

Education Requirements:

• Bachelor's degree preferred; Master's degree may substitute for experience as noted.
• Relevant certifications such as Security+, CISSP, CISM, CISA, GCIH, OSCP, or CEH.