Design, implement, and maintain secure information systems that support mission-critical operations
Utilize technical expertise in endpoint security, vulnerability management, security monitoring, and compliance within Windows and Linux enterprise environments
Serve as a key technical contributor, supporting both defensive cyber operations and Risk Management Framework (RMF) activities
Administer and optimize Trellix ePO for endpoint protection, policy enforcement, threat detection, and incident response across Windows and Linux systems
Operate and maintain ACAS/Nessus vulnerability scanning solutions; analyze findings and support remediation efforts
Develop, maintain, and enhance Splunk dashboards, alerts, and correlation rules for security monitoring, log analysis, and threat detection
Perform technical security assessments, vulnerability assessments, and configuration compliance reviews
Support RMF activities including SSP development, POA&M management, control implementation, and continuous monitoring
Apply STIGs and SCAP benchmarks to Windows and Linux systems; validate compliance and document results
Analyze security events, logs, and alerts to identify indicators of compromise and support incident response actions
Collaborate with system administrators, network engineers, and cybersecurity leadership to implement risk mitigations
Provide technical recommendations to improve overall cybersecurity posture based on emerging threats and trends
Develop technical documentation including SOPs, security procedures, and assessment reports
Requirements
Must be a U.S. Citizen
Active Secret clearance with ability to obtain Top Secret with SCI eligibility or have an active Top Secret with SCI eligibility
Will be subject to a federal background investigation
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience)
3+ years of progressive experience in cybersecurity engineering, system security, or cyber defense roles
Current CompTIA Security+ ce certification required
Current DISA 201 ePO and 301 ePO certifications required
Current Splunk certification required (Admin, Engineer, Analyst or Architect certs will be accepted)
Advanced experience with Trellix ePO administration in enterprise environments
Strong proficiency with Splunk SIEM, including SPL queries, dashboards, alerts, and reporting
Hands-on experience with ACAS/Nessus vulnerability scanning and remediation tracking
Expertise securing Windows and Linux operating systems, including system hardening and patch management
Experience with STIGs, SCAP, and configuration compliance validation
Knowledge of network and host-based security technologies including EDR, IDS/IPS, firewalls, and SIEM
Familiarity with scripting and automation (PowerShell, Bash, or Python) to support security operations
Strong understanding of NIST RMF and system authorization lifecycles
Tech Stack
Cyber Security
Firewalls
Linux
Python
Splunk
Benefits
A comprehensive benefits package to ensure our employees receive the work-life support they need