Job Title: Senior Cybersecurity Engineer
Location: Remote from Washington, DC
Position Type: Full-Time
Clearance Level: Secret Clearance
Overview:
We are seeking a Senior Cybersecurity Engineer with an active Secret Clearance to join our team in supporting the Department of State’s multi-cloud platforms, including AWS, Azure, and GCP. In this fully remote role, you will lead the implementation of security frameworks, drive DevSecOps practices, and ensure the secure deployment of applications and infrastructure in a compliance-focused environment. This position requires strong expertise in cloud security, federal compliance standards, and the ability to collaborate across cross-functional teams.
Responsibilities:
- Design and implement security architecture across AWS, Azure, and GCP platforms to ensure secure infrastructure and application deployments.
- Manage Authority to Operate (ATO) processes, achieving minimal findings and addressing POA&Ms.
- Integrate security tools into CI/CD pipelines, utilizing SAST, DAST, container scanning, and software composition analysis (SCA).
- Ensure compliance with NIST 800-53 and NIST 800-218, establishing security baselines for cloud deployments.
- Conduct threat modeling and secure code reviews, clearly communicating risk mitigation strategies with engineering teams.
- Implement Zero Trust principles, multi-factor authentication (MFA), and key management to strengthen security posture.
- Monitor API security, ensuring OWASP standards and secure third-party system integration.
- Establish automated security alerts and coordinate with Blue Teams on incident response protocols.
- Develop SOPs, RACIs, and security policies to maintain standardized security practices across environments.
- Serve as a liaison with assessors and stakeholders, ensuring compliance, remediation efforts, and alignment with security standards.
Qualifications:
- Active Secret Clearance Required
- 5+ years of experience in cybersecurity engineering, focused on cloud security (AWS, Azure, GCP).
- Proficiency in DevSecOps tools and practices, including GitLab, Terraform, Ansible, and Infrastructure as Code (IaC).
- In-depth knowledge of federal security standards, including NIST 800-53 and FISMA.
- Relevant certifications (CISSP, AWS, Azure) preferred.
- Advanced understanding of network security, IAM, and security monitoring.
Preferred Skills:
- Familiarity with ServiceNow Security Center and CI/CD automation tools.
- Experience with automated security monitoring, logging, and vulnerability management.
- Background in managing secure cloud environments within a federal context, ensuring compliance and security continuity.
Equal Opportunity Employer Statement:
We are an Equal Opportunity Employer and consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or any other protected characteristic as defined by applicable law.
