Cybersecurity Engineer II
United States
Full Time
1 week ago
$155,000 - $185,000 USD
No H1B
Key skills
Cyber SecurityFirewallsLinuxPythonSplunkBashPowerShellLeadershipRisk Management
About this role
Role Overview
- Design, implement, and maintain secure information systems that support mission-critical operations
- Utilize technical expertise in endpoint security, vulnerability management, security monitoring, and compliance within Windows and Linux enterprise environments
- Serve as a key technical contributor, supporting both defensive cyber operations and Risk Management Framework (RMF) activities
- Administer and optimize Trellix ePO for endpoint protection, policy enforcement, threat detection, and incident response across Windows and Linux systems
- Operate and maintain ACAS/Nessus vulnerability scanning solutions; analyze findings and support remediation efforts
- Develop, maintain, and enhance Splunk dashboards, alerts, and correlation rules for security monitoring, log analysis, and threat detection
- Perform technical security assessments, vulnerability assessments, and configuration compliance reviews
- Support RMF activities including SSP development, POA&M management, control implementation, and continuous monitoring
- Apply STIGs and SCAP benchmarks to Windows and Linux systems; validate compliance and document results
- Analyze security events, logs, and alerts to identify indicators of compromise and support incident response actions
- Collaborate with system administrators, network engineers, and cybersecurity leadership to implement risk mitigations
- Provide technical recommendations to improve overall cybersecurity posture based on emerging threats and trends
- Develop technical documentation including SOPs, security procedures, and assessment reports
Requirements
- Must be a U.S. Citizen
- Active Secret clearance with ability to obtain Top Secret with SCI eligibility or have an active Top Secret with SCI eligibility
- Will be subject to a federal background investigation
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience)
- 3+ years of progressive experience in cybersecurity engineering, system security, or cyber defense roles
- Current CompTIA Security+ Ce certification required
- Current DISA 201 ePO and 301 ePO certifications required
- Current Splunk certification required (Admin, Engineer, Analyst or Architect certs will be accepted)
- Advanced experience with Trellix ePO administration in enterprise environments
- Strong proficiency with Splunk SIEM, including SPL queries, dashboards, alerts, and reporting
- Hands-on experience with ACAS/Nessus vulnerability scanning and remediation tracking
- Expertise securing Windows and Linux operating systems, including system hardening and patch management
- Experience with STIGs, SCAP, and configuration compliance validation
- Knowledge of network and host-based security technologies including EDR, IDS/IPS, firewalls, and SIEM
- Familiarity with scripting and automation (PowerShell, Bash, or Python) to support security operations
- Strong understanding of NIST RMF and system authorization lifecycles
Tech Stack
- Cyber Security
- Firewalls
- Linux
- Python
- Splunk
Benefits
- comprehensive benefits package to ensure our employees receive the work-life support they need
- healthcare benefits
- paid leave
- retirement plans
- insurance programs
- education and training assistance