Cybersecurity Engineer

Radiance Technologies is a 100% employee-owned company where innovation, ownership, and collaboration are at the core of everything we do. We offer a standout benefits package-including competitive salaries, full health/dental/vision/life insurance, a generous 401(k), tuition reimbursement, and a supportive, growth-driven work environment.

Position Summary:

We are seeking a highly motivated Cybersecurity Engineer to support our Modeling and Simulation (M&S) software development teams. You will collaborate with a diverse team of software engineers, data scientists, and analysts to secure and maintain compliance across complex development environments.

As part of the platform team, you will lead and support vulnerability assessments, security compliance efforts, and the integration of cybersecurity best practices. This role requires strong communication and coordination skills, as you will work closely with internal development teams, partners, and subcontractors to ensure consistent adherence to DoD cybersecurity requirements.

Job Responsibilities include :

• Conduct security assessments, reviews, and hardening activities for Linux operating systems, physical and virtual systems, container images, Kubernetes environments, and supporting infrastructure using DISA STIGs, SRGs, CIS benchmarks, and other applicable security frameworks to identify configuration weaknesses, compliance gaps, and remediation requirements.
• Implement, automate, and maintain compliance baselines using Ansible, OpenSCAP, and Infrastructure as Code methodologies.
• Perform vulnerability management activities including identification, analysis, prioritization, remediation tracking, and verification of vulnerabilities discovered through Nessus, OpenSCAP, Anchore, Trivy, Grype, and other security tools.
• Develop and maintain Plan of Action and Milestones (POA&M) documentation and coordinate remediation efforts across system administrators, developers, and stakeholders.
• Develop Python scripts and automation workflows to support vulnerability analysis, compliance reporting, security monitoring, and operational efficiency.
• Analyze CVEs, vendor advisories, SBOM data, and software supply chain risks to determine applicability, remediation requirements, and compensating controls.
• Compile vulnerability, compliance, and risk assessment reports aligned with release cycles, ATO requirements, and organizational security objectives.
• Perform Security Impact Analyses (SIAs) for proposed system, infrastructure, and application changes, evaluating potential effects on security posture, compliance requirements, and operational risk, and present findings to the Change Control Board (CCB) to support risk-informed decision making.
• Support RMF, CMMC, and NIST SP 800-171 compliance activities through continuous monitoring, assessment, and documentation efforts.
• Collaborate with development and infrastructure teams to integrate security requirements into CI/CD pipelines and DevSecOps processes.
• Review, develop, and recommend updates to security policies, procedures, standards, and implementation guidance.
• Perform security auditing and continuous monitoring activities using SIEM and centralized logging platforms to review and analyze operating system, application, authentication, and audit logs; identify suspicious activity, policy violations, unauthorized changes, and indicators of compromise; and develop dashboards, alerts, reports, and audit review procedures to support compliance, incident response, and continuous monitoring objectives.

Required Experience :

• Bachelor's or Master's degree in Cybersecurity, Computer Science, or a related technical field
• Minimum 5 years of experience performing cybersecurity assessments, vulnerability management, and compliance activities within DoD, Federal, or regulated environments.
• Hands-on experience implementing and assessing DISA STIGs, SCAP content, Security Requirements Guides (SRGs), and compliance automation.
• Experience with Linux administration, hardening, troubleshooting, and security operations.
• Strong knowledge of RMF, NIST SP 800-53, NIST SP 800-171, CMMC, and related cybersecurity frameworks.
• Experience conducting CVE analysis, vulnerability impact assessments, and remediation validation.
• Proficiency with Python, Bash, or similar scripting languages for security automation and reporting.
• Experience using Git-based workflows for source control, collaboration, and change management.
• Strong analytical, documentation, and communication skills with the ability to work effectively across technical and non-technical teams.
• Experience reviewing and analyzing security logs, audit records, and system events to identify security incidents, compliance violations, and operational risks, as well as supporting continuous monitoring and security auditing programs within regulated or compliance-driven environments.

Required Clearance :

• Ability to obtain Top-Secret/SCI
• Must be a U.S. Citizen

Desired Qualifications :

• DoD 8570 IAM Level I, II, or III certification (e.g., Security+, CISSP)
• Experience developing and maintaining Ansible playbooks for system configuration, compliance enforcement, and security automation.
• Experience with vulnerability scanning and assessment tools including Nessus, ACAS, OpenSCAP, Anchore, Trivy, Grype, and related platforms.
• Experience with SonarQube or similar static application security testing (SAST) tools.
• Familiarity with CI/CD platforms and DevSecOps practices.
• Experience securing containerized applications and Kubernetes environments.
• Knowledge of Infrastructure as Code technologies and associated security considerations.
• Experience with SBOM generation, analysis, and software supply chain security tools such as Syft and Grype.
• Familiarity with security monitoring platforms, log aggregation, and audit analysis solutions.
• Experience supporting Assessment & Authorization (A&A), Continuous Monitoring, and Continuous ATO initiatives.
• Experience with SIEM and log management platforms such as Graylog, Splunk, Elastic Stack, Microsoft Sentinel, QRadar, or similar solutions, including developing dashboards, alerts, correlation rules, and audit review procedures, as well as familiarity with Linux auditing technologies such as auditd, syslog.

Soft Skills:

• Strong communicator able to translate complex technical issues into clear, actionable guidance for both technical and non-technical stakeholders.
• Collaborative team player who actively shares knowledge and promotes best practices across teams.
• Demonstrates initiative and accountability, rising to challenges and adapting to rapidly changing requirements.
• Willing and eager to mentor junior analysts, fostering their growth and building team capability.
• Strong problem-solving mindset with the ability to remain composed under pressure and guide others through incidents.
• Growth-oriented with a focus on continuous learning and helping others develop professionally.

Radiance Technologies is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.