Senior /Principal Federal Security Engineer

CORE RESPONSIBILITIES

• Design and maintain high-fidelity detection rules and analytics across the security stack (SIEM, EDR, CNAPP/CSPM) and cloud environments (AWS, GCP, Azure).
• Ability to run vulnerability scans, triage results, establish exploitability of reported vulnerabilities, recommend risk mitigation controls, and deploy controls where needed
• Develop and refine automated response playbooks for Incident Response (IR) and orchestration (SOAR).
• Lead the evaluation and integration of security technologies, ensuring scalability, resilience, and compliance. as it pertains to FedRAMP environments

WHAT YOU WILL BE DOING

Lead the Detection Lifecycle: Build and maintain our threat detection capabilities, from researching emerging TTPs to writing custom detection logic in our SIEM and EDR platforms.

Incident Response: Respond to alerts and triage findings coordinating across engineering, security, and leadership teams.

Modernize Vulnerability Management: Architect and maintain automation to prioritize vulnerabilities (from Code, to Containers, to Cloud) based on risk and exploitability.Automation: Operationalize security tasks by building, developing, and optimizing SOAR playbooks to automate containment and remediation.

Execute Proactive Threat Hunting: Design and lead hunt missions to identify threats that bypass traditional security controls, utilizing advanced forensics and log correlation techniques.

Industry Awareness: Incorporate industry news, events, IOCs, and other intelligence into our Detection and Response capabilities.

WHAT YOU BRING

• U.S. Citizenship: Applicants must be United States citizens.
• Bachelor's degree or equivalent experience with a minimum of 10 years of experience in Security Engineering, Security Architecture, Federal Security or similar
• Knowledge of U.S. Federal Government security compliance, risk management processes and requirements, including NIST RMF and NIST SP 800-53 Rev 5 controls
• Experience with vulnerability scanning, remediation, and continuous monitoring (ConMon)
• Requires sufficient technical background to be able to interpret audit and compliance requirements, and be able to support basic evidence gathering needs in support of audits
• Ability to provide excellent written and oral communications by email, presentations, and mobile communication platforms (including: experience facilitating discussions, briefing senior managers, and conducting project meetings).
• Experience with continuous monitoring and Plans of Actions and Milestones (POA&Ms) is a plus
• Knowledge of local legal and regulatory security requirements including HIPAA, FedRAMP, and GDPR/privacy
• Flexible and collaborative approach to enabling and supporting the business

The Selected candidate must

• Meet US persons on US soil requirements…