McLean, VA | Security Engineering | Contract-to-perm | $54 - $68 (hourly estimate)
{"JobID":478622,"JobType":["Contract-to-perm"],"EmployerID":null,"Location":{"Latitude":-77.19,"Longitude":38.94,"Distance":null},"State":"Virginia","Zip":"22102","ReferenceID":"DC0-fa3acaf0-844b-4e2b-b066-4ee5cc374d62","PostedDate":"\/Date(1767641459000)\/","Description":"The Security Engineer - Continuous Diagnostics and Mitigation (CDM) is responsible for designing, implementing, integrating, and maintaining enterprise CDM capabilities to provide continuous visibility into cybersecurity risk, asset posture, and compliance. This role supports federal cybersecurity objectives by deploying and operating CDM tools and dashboards, integrating security data sources, and enabling real-time risk awareness across on-premises and cloud environments. The Security Engineer works closely with cybersecurity operations, system owners, and compliance teams to improve situational awareness, support risk-based decision-making, and ensure alignment with federal cybersecurity standards and mandates.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. 
If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global\u0027s Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.","Title":"Security Engineer - Continuous Diagnostics and Mitigation (CDM)","City":"Mclean","ExpirationDate":null,"PriorityOrder":0,"Requirements":"Requirements:Must be able to obtain a Public TrustThis position is primarily remote, but it requires the ability to attend occasional meetings in DC, MD, VA, WV, NJ, and OK as neededQualifications and ExperienceBachelor\u0027s degree in Computer Science, Cybersecurity, Engineering, Information Systems, Mathematics, Technology, or related IT field6+ years of experience in cybersecurity engineering, security operations, or risk management roles.One or more industry-recognized certifications required, including:Certified Information Systems Security Professional (CISSP)Certified Information Security Manager (CISM)Certified Information Systems Auditor (CISA)Certified Ethical Hacker (CEH)Certified Authorization Professional (CAP)CompTIA Security+Or other equivalent IT or cybersecurity certificationsDemonstrated experience supporting or implementing CDM program capabilities within federal or regulated environments.Technical Skills \u0026 CDM Expertise:CDM Architecture \u0026 ToolsExperience implementing and operating CDM program tools, including capabilities across:Asset Management (HWAM, SWAM)Identity and Access Management (IdAM)Vulnerability ManagementEvent ManagementNetwork and Data ProtectionExperience integrating CDM components such as:Vulnerability scannersEndpoint security toolsIAM solutionsNetwork security toolsExperience supporting or integrating with CDM dashboards, data feeds, and agency or federal-level reporting.Security Engineering \u0026 
OperationsConfigure, manage, and tune security controls including:Firewalls, IDS/IPS, endpoint protection, encryption, and network security controlsPerform patch management and vulnerability remediation aligned with CIS Benchmarks, DISA STIGs, and SCAP.Monitor security posture, vulnerabilities, and configuration compliance across enterprise environments.Respond to security incidents, vulnerabilities, and emerging threats; support investigations and impact assessments.Cloud \u0026 Zero Trust SecurityExperience securing cloud environments (AWS, Azure, GCP) using:Zero Trust Architecture (ZTA) principlesCloud-native security controls, CSPM, CASB, and encryptionSupport implementation of IAM, PAM, and RBAC controls aligned with Zero Trust objectives.Governance, Risk \u0026 Compliance (GRC)Assess, develop, and implement security policies and procedures aligned with:NIST RMF, FISMA, FedRAMP, ISO 27001, and DoD STIGsConduct security risk assessments, control effectiveness reviews, and gap analyses.Support preparation and maintenance of:System Security Plans (SSPs)Security Control Assessments (SCAs)Authorization to Operate (ATO) packagesPlans of Action \u0026 Milestones (POA\u0026Ms), including remediation trackingEnsure compliance with federal regulations, industry standards, and organizational policies.Support internal and external audits and certification activities.Automation, Analysis \u0026 IntegrationDevelop scripts using Python, PowerShell, and/or Bash to automate security data collection, analysis, and reporting.Integrate CDM tools and security platforms using APIs and automation frameworks (e.g., Ansible, Terraform, cloud-native tools).Analyze security data to assess risk impact and prioritize remediation efforts.Analytical \u0026 Problem-Solving SkillsApply standard and advanced analytical techniques to evaluate security control effectiveness in real-world environments.Analyze cyber threats, vulnerabilities, and misconfigurations across multi-layered 
architectures.Make data-driven decisions to improve security posture while balancing mission and operational needs.Troubleshoot complex security issues across enterprise IT and cloud environments.Communication \u0026 CollaborationCollaborate with cybersecurity operations, system owners, engineers, auditors, and leadership to implement CDM capabilities and security best practices.Communicate security risks, compliance status, and remediation strategies to technical and non-technical stakeholders.Develop security documentation, reports, policies, and procedures supporting CDM and accreditation activities.Support and deliver security awareness and compliance training for stakeholders as needed.Professional AttributesStrong organizational, time-management, and multitasking skills.Highly responsive and customer-focused.Extensive understanding of business processes and enterprise IT/security environments.Skilled in facilitation, consultation, and applied problem-solving in complex settings.Excellent written and verbal communication skills.Ability to work with confidential and proprietary information with discretion.Commitment to staying current with emerging threats, technologies, and federal cybersecurity requirements.Required Tools and TechnologiesCDM Program \u0026 Federal Cybersecurity ToolsContinuous Diagnostics and Mitigation (CDM) Program tools supporting:Hardware Asset Management (HWAM)Software Asset Management (SWAM)Identity and Access Management (IdAM)Vulnerability ManagementNetwork and Data ProtectionEvent ManagementCDM dashboards and reporting tools, including agency-level and federal-level data feedsVulnerability \u0026 Configuration ManagementVulnerability scanning tools such as:Tenable (Nessus / Tenable.sc)QualysRapid7Configuration and compliance assessment tools aligned with:DISA STIGsCIS BenchmarksSCAP-compliant toolsIdentity, Access \u0026 Zero Trust TechnologiesIdentity and Access Management (IAM) platformsPrivileged Access Management (PAM) 
solutionsRole-Based Access Control (RBAC)Zero Trust Architecture (ZTA) technologies and policy enforcement toolsIdentity providers and directory services (e.g., Active Directory, Azure AD/Entra ID)Network \u0026 Endpoint SecurityNetwork security technologies including:FirewallsIDS/IPS (e.g., Snort, Suricata)VPNsEndpoint security platforms:Endpoint Detection \u0026 Response (EDR)Anti-malware and host-based security toolsEncryption technologies for data at rest and in transitCloud Security TechnologiesCloud platforms:AWS, Azure, and/or GCPCloud security tools including:Cloud Security Posture Management (CSPM)Cloud Access Security Broker (CASB)Cloud-native security servicesSecure cloud configuration and monitoring aligned with federal standardsSecurity Monitoring \u0026 Data IntegrationSecurity monitoring and analytics platforms (SIEM or CDM-integrated tools)Log aggregation and event correlation technologiesREST APIs and data integration mechanisms for CDM feedsAutomation \u0026 ScriptingPython, PowerShell, and/or Bash for automation, data analysis, and reportingInfrastructure and security automation tools such as:AnsibleTerraformCloud-native automation servicesGovernance, Risk \u0026 Compliance (GRC)Frameworks and standards:NIST RMFFISMAFedRAMPISO 27001DoD STIGsTools supporting:SSP, SCA, ATO, and POA\u0026M development and trackingAudit and compliance reportingCollaboration \u0026 Development ToolsVersion control systems such as GitIT service management and ticketing tools (e.g., ServiceNow)Documentation and collaboration platforms (e.g., Confluence, SharePoint)","Skills":"","Industry":"Security 
Engineering","Country":"US","Division":"IT","Office":null,"IsRemoteJob":true,"IsInternalJob":false,"ExtraValues":null,"__RecordIndex":0,"__OrdinalPosition":0,"__Timestamp":0,"Status":null,"ApplicantCount":0,"SubmittalCount":0,"ApplicationToHireRatio":0,"JobDuration":null,"SalaryHigh":68.0000,"SalaryLow":54.4000,"PayRateOvertime":0,"PayRateStraight":0,"Filled":0,"RemainingOpenings":0,"TotalOpenings":0,"Visa":null,"ClearanceType":null,"IsClearanceRequired":false,"IsHealthcare":false,"IsRemote":false,"EndClient":null,"JobCreatedDate":"\/Date(-62135578800000)\/","JobModifiedDate":"\/Date(-62135578800000)\/"}
The Security Engineer - Continuous Diagnostics and Mitigation (CDM) is responsible for designing, implementing, integrating, and maintaining enterprise CDM capabilities to provide continuous... visibility into cybersecurity risk, asset posture, and compliance. This role supports federal cybersecurity objectives by deploying and operating CDM tools and dashboards, integrating security data sources, and enabling real-time risk awareness across on-premises and cloud environments. The Security Engineer works closely with cybersecurity operations, system owners, and compliance teams to improve situational awareness, support risk-based decision-making, and ensure alignment with federal cybersecurity standards and mandates.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.