Senior Cyber Security Engineer

ECS Tech Inc•Fort Meade, MD

5h•Onsite

About The Position

ECS is seeking a Senior Cyber Security Engineer to work at our Ft. Meade, MD customer site in a full-time, onsite capacity. ECS is seeking a Senior Cyber Security Engineer to support robust Impact Level (IL) 5 and IL6 programs in an operational DoD environment that houses multiple U.S. Coalition Mission Partner Environments (MPE). The Senior Cyber Security Engineer is a high-level technical authority responsible for designing, implementing, and defending infrastructure to protect MPE’s networks, systems, and data. The Senior Cyber Security Engineer will deploy security tools (firewalls, IDS/IPS), conduct vulnerability assessments, automate threat detection, manage cloud/hybrid environments, lead incident response efforts to mitigate cyber threats, and ensure systems and tools comply with strict regulatory frameworks such as RMF and STIGs. This position is a demanding, high-energy role that requires innovative ideas to building, deploying, and managing robust security tools. The ideal candidate has advanced technical acumen; essential soft skills (including analytical thinking, problem-solving, communication, and proven leadership abilities); and intellectual curiosity critical for analyzing mission-related cyber security requirements and developing effective solutions to address them. The Senior Cyber Security Engineer reports to the Senior Technical Program Manager and collaborates closely with technical peers.

Requirements

U.S. Citizen.
Active Secret security clearance, with the ability to obtain a Top Secret security clearance with Sensitive Compartmented Information indoctrination (TS/SCI).
Bachelor’s degree in Computer Science; Information Security; or another Science, Technology, Engineering and Mathematics (STEM) discipline.
8+ years of progressive hands-on experience in cybersecurity operations, vulnerability management, and cybersecurity engineering; 10+ years in lieu of a degree.
Active DoD 8140 IAT Level II, or higher, certification (e.g., Security+ CE, CCNA Security, CySA+, CISSP, etc.).
Ability to work full-time, 5 business days per week, onsite in Ft. Meade, MD.
Significant hands-on experience with: Trellix platform administration and policy management via ePO ACAS vulnerability scanning tools SIEM platforms, such as Microsoft Sentinel Vulnerability remediation workflows and endpoint security operations DoD cybersecurity frameworks and RMF processes
Ability to assume full ownership and accountability for tasks and deadlines, work with limited supervision, and commit to high quality results and deliverables.
Highly developed interpersonal and oral/written communication skills to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management).
Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.

Responsibilities

Act as the primary cyber operations point of contact in a secure DoD environment.
Administer and maintain the Trellix enterprise security platform – including management of endpoint security tools and centralized policy control – through ePolicy Orchestrator (ePO).
Administer and maintain Assured Compliance Assessment Solution (ACAS) vulnerability scanning infrastructure and scanning schedules.
Monitor and configure alerts and security events using Microsoft Sentinel.
Monitor endpoint security events and investigate potential threats and suspicious activity.
Maintain endpoint security configurations, updates, and compliance across enterprise systems.
Produce vulnerability reports and metrics supporting Risk Management Framework (RMF) compliance and Plans of Action and Milestones (POA&M) tracking.
Tune detection rules and integrate endpoint and vulnerability telemetry.
Monitor overall system security posture and identify emerging risks.
Collaborate with Infrastructure and MPE teams to address security findings.
Support RMF documentation, security assessments, and compliance activities.
Other duties, as assigned.