All candidates must meet the following criteria: Must be a US Citizen, no dual Citizenships. Must be able to secure a Public trust clearance. Must be able to work across multiple programs across the Federal and DOD space. The core values that ECS looks for in an engagement manager include: Teamwork, Respect, Accountability, Integrity, and Leadership.
Security Engineer
Location
United States
Posted
3 days ago
Salary
0
Seniority
Mid Level
Job Description
Security Engineer
ECS Tech Inc
Role Description Everforth ECS is seeking a Security Engineer to work in our Portland, OR office or remotely. Note: This position is contingent upon contract award. The Security Engineer supports the design, implementation, configuration, and maintenance of cybersecurity technologies, controls, and secure infrastructure capabilities across enterprise systems and security operations environments. This role helps ensure that systems, applications, networks, endpoints, and cloud environments are protected, monitored, hardened, and aligned with organizational security requirements. The ideal candidate has hands-on experience implementing and supporting security tools, troubleshooting technical security issues, applying secure configuration standards, and collaborating with SOC analysts, system administrators, network engineers, control assessors, and program stakeholders to improve the organization's security posture. Key Responsibilities - Security Engineering & Implementation - Implement, configure, maintain, and support cybersecurity technologies, tools, platforms, and technical security controls. - Assist with engineering secure solutions for enterprise systems, networks, endpoints, cloud environments, applications, and operational support platforms. - Support security architecture decisions by providing implementation input, technical feasibility analysis, and operational considerations. - Apply security engineering practices across the system lifecycle, including planning, deployment, configuration, testing, operations, and sustainment. - System Hardening & Secure Configuration - Apply secure configuration baselines, hardening standards, and technical control requirements to servers, endpoints, network devices, applications, and cloud services. - Review system configurations, permissions, authentication settings, logging settings, encryption settings, and access controls for alignment with security requirements. - Support implementation of vulnerability remediation, configuration changes, patching activities, and risk reduction measures in coordination with system owners. - Validate that security controls are operating as intended and support remediation when control gaps or technical weaknesses are identified. - Security Tool Support & Integration - Support deployment, tuning, and sustainment of tools such as SIEM, EDR, vulnerability scanners, firewalls, IDS/IPS, email security, identity security, logging, and monitoring platforms. - Integrate security tools with enterprise systems, data sources, ticketing systems, dashboards, identity platforms, and incident response workflows. - Troubleshoot tool performance, connectivity, data collection, alerting, agent health, policy enforcement, and integration issues. - Coordinate with SOC analysts, Splunk engineers, threat hunters, and system administrators to ensure security tooling supports monitoring, investigation, and response requirements. - Vulnerability, Risk & Remediation Support - Analyze vulnerability scan results, configuration findings, security alerts, and control weaknesses to support prioritization and remediation planning. - Work with technical teams to identify root causes, validate remediation options, and confirm closure of vulnerabilities or security findings. - Support risk treatment activities by documenting technical constraints, compensating controls, residual risk, and remediation status. - Assist control assessors and assessment leads by providing technical evidence, configuration details, screenshots, logs, and implementation explanations. - Incident Response & Operational Support - Provide technical engineering support during security incidents, investigations, containment activities, eradication efforts, and recovery actions. - Assist with log collection, tool validation, endpoint or network containment actions, access changes, system isolation, and forensic preservation activities as directed. - Develop and maintain scripts, queries, automation, and repeatable procedures to improve security operations and engineering response efficiency. - Participate in after-action reviews and support implementation of technical improvements based on incident lessons learned. - Documentation, Standards & Continuous Improvement - Develop and maintain technical documentation, configuration standards, diagrams, implementation guides, runbooks, and operational procedures. - Support change management, configuration management, asset documentation, and security engineering governance processes. - Recommend improvements to security tools, engineering processes, baselines, automation, monitoring coverage, and technical control implementation. - Stay current with emerging threats, security technologies, hardening guidance, and engineering best practices relevant to enterprise security environments. Qualifications - U.S. Citizenship with ability to obtain and maintain a DOE “L” clearance after start. - 3-5 years of experience in cybersecurity engineering, security operations, systems administration, network administration, cloud security, or related technical security roles. - Hands-on experience implementing, configuring, or supporting security tools, technical controls, secure configurations, and enterprise security technologies. - Working knowledge of Windows, Linux, networking, identity and access management, endpoint security, logging, vulnerability management, and common security architectures. - Experience applying security requirements, hardening standards, vulnerability remediation guidance, and configuration baselines across technical environments. - Ability to troubleshoot technical security issues involving systems, networks, applications, integrations, agents, logs, policies, and monitoring tools. - Familiarity with cybersecurity frameworks, standards, and best practices such as NIST, CIS Controls, DISA STIGs, ISO 27001, or organizational security baselines. - Strong documentation, communication, collaboration, and problem-solving skills.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Role Description The Security Specialist – Level III will lead enterprise AWS and hybrid cloud security for the USDA FPAC Cloud Platform. This role will: - Design and govern cloud security architecture. - Establish and enforce security controls. - Support compliance activities. - Lead security operations across AWS and hybrid environments. Qualifications - Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Engineering, or related field; Master’s degree preferred. - Minimum 10 years of AWS security experience. - Must have one of the following certifications: - AWS Certified Security – Specialty - AWS Solutions Architect certification. - Expert-level knowledge of AWS security services and enterprise cloud security governance. - Demonstrated experience in cloud security architecture, zero-trust design, and zero-trust compliance leadership. - Experience supporting federal or enterprise compliance frameworks, including FISMA, NIST SP 800-53, and FedRAMP. - Experience with vulnerability management, incident response, audit support, and continuous monitoring. - Excellent written and verbal communication skills. - Ability to obtain and maintain required USDA suitability/public trust credentials; highly desirable candidate already has USDA clearance. Requirements - Current or prior experience supporting USDA, FPAC, or other federal civilian agency cloud environments. - Highly desirable: current or recent USDA/FPAC public trust or suitability clearance and active HSPD-12 PIV card, or prior adjudicated clearance that can be reactivated. - Preferred Certifications (Any One): - CISSP - CCSP Key Responsibilities - Design and govern enterprise AWS security architecture across cloud and hybrid environments. - Lead implementation of cloud security controls, logging, encryption, identity and access management, and network security. - Support and oversee FISMA, NIST SP 800-53, FedRAMP, and USDA security compliance requirements. - Lead continuous monitoring, vulnerability management, remediation tracking, and audit support. - Support ATO activities, security assessments, penetration testing, and incident response. - Implement and enforce zero-trust and secure-by-design principles across cloud and hybrid environments. - Provide security guidance to DevSecOps, platform, and operations teams. - Prepare and maintain required security documentation, reports, and compliance artifacts. Benefits - Competitive compensation and benefits packages including paid vacation, medical, dental, vision, matching 401(k) plan, tuition/training reimbursement, and Long & Short-Term Disability.
AI Security Specialist
Sourcing Trust, Lda | Catenon PartnerNa Sourcing Trust, comprometemo-nos a fornecer soluções tecnológicas inovadoras, fiáveis e personalizadas que capacitam as empresas a prosperar num panorama digital em rápida evolução. Foco na excelência, integridade e colaboração. Construímos parcerias duradouras através da compreensão das necessidades únicas de cada cliente. Oferta de suporte especializado em todas as fases. A nossa equipa dedica-se a promover um ambiente de trabalho positivo e inclusivo. Incentivamos o crescimento contínuo, a aprendizagem e o sucesso partilhado.
Role Description Estamos a recrutar um(a) AI Security Specialist para integrar um projeto internacional no setor da logística, com foco na segurança de soluções baseadas em Microsoft Copilot e ecossistema Azure/Microsoft 365. - A função envolve a proteção, monitorização e otimização de ambientes Copilot. - Garantir conformidade com boas práticas de segurança, Zero Trust e gestão de identidades. - Papel ativo na análise de ameaças emergentes em soluções de IA, como: - Prompt injection - Data poisoning - Tentativas de manipulação de modelos Qualifications - Licenciatura em Ciência da Computação, Cibersegurança, IT ou área relacionada. - Mestrado em Cibersegurança ou áreas similares é uma mais-valia. - Fluência em inglês. Requirements - Mínimo de 5 anos de experiência em Cibersegurança. - Pelo menos 3 anos de experiência com Microsoft 365 e Azure Security. - Sólidos conhecimentos em Microsoft Defender, Entra ID, Conditional Access e Zero Trust. - Experiência prática em modelação de ameaças e security testing. - Conhecimentos de PowerShell, Python ou C# (obrigatório). - Certificações em segurança (ex.: Microsoft Security, AZ-500, CISSP) são valorizadas. Company Description Na Sourcing Trust, comprometemo-nos a fornecer soluções tecnológicas inovadoras, fiáveis e personalizadas que capacitam as empresas a prosperar num panorama digital em rápida evolução. - Foco na excelência, integridade e colaboração. - Construímos parcerias duradouras através da compreensão das necessidades únicas de cada cliente. - Oferta de suporte especializado em todas as fases. - A nossa equipa dedica-se a promover um ambiente de trabalho positivo e inclusivo. - Incentivamos o crescimento contínuo, a aprendizagem e o sucesso partilhado.
Cyber Security Engineer I
First Citizens BankFirst Citizens Bank offers a full line of financial services and focuses on individuals, as well as small to medium-sized businesses. As an employer, the compan
Role Description This position ensures the technological and digital security of the Bank. Mitigates exposure to cyber threats, security risks, and unauthorized access. Assesses organizational networks, applications, or systems for potential vulnerabilities. Protects assets and information through a variety of methods, resolving security issues or incidents as they arise. Maintains knowledge of industry practices, technology, and evolving threats in order to enhance defenses for the Bank's information systems and resources. Remote eligible. Responsibilities - Technical Security: Administers tools or processes that secure assigned technical areas and data. Participates in security audits, identifies security gaps, and develops and implements risk mitigation solutions. Ensures compliance with necessary protocols, configurations, or procedures. - Analysis: Identifies and evaluates potential threats or vulnerabilities in the Bank's networks, applications, or systems. Compiles data from external or internal sources. Creates actionable intelligence based on review of analysis. - Security Expertise: Maintains a current knowledge of technology, emerging threats, and security trends within the assigned technical area. May provide guidance on appropriate security protocols. - Issue Resolution: Investigates and resolves security incidents which may include unauthorized access, malware infections, configuration anomalies, cyber attacks, and other risks. Escalates as appropriate. Qualifications - Bachelor's Degree and 2 years of experience in Systems engineering, networking, or information security OR High School Diploma or GED and 6 years of experience in Systems engineering, networking, or information security - Knowledge of data security practices, procedures, monitoring and alert tools, and risk management standards - Knowledge of Active Directory administration and user provisioning, Domain Name System, Group Policy Objects, New Technology File System permissions, File Shares, SharePoint, and Domain controllers - Knowledge of Identity and Access Management concepts and technologies - Ability to clearly communicate risks, threats, and vulnerabilities identified during assessments - Availability to provide after-hours operational support on a rotational basis, with minimal travel Requirements - This job posting is expected to remain active for 10 days from the initial posting date listed above. If it is necessary to extend this deadline, the posting will remain active as appropriate. - Job postings may come down early due to business need or a high volume of applicants. - The base pay for this position is generally between $100,000 and $150,000. Actual starting base pay will be determined based on skills, experience, location, and other non-discriminatory factors permitted by law. - For some roles, total compensation may also include variable incentives, bonuses, benefits, and/or other awards as outlined in the offer of employment. Benefits - Benefits are an integral part of total rewards and First Citizens Bank is committed to providing a competitive, thoughtfully designed and quality benefits program to meet the needs of our associates. - More information can be found at https://jobs.firstcitizens.com/benefits .
• Assess MARAD systems in one of three states: System Authorization: Initial Authorization, Reauthorization, or Continuous Monitoring Assessment (CMA) • Provide annual assessment support to the NSMV and MARAD CIO programs • Conduct independent assessments of specified MARAD information systems • Review existing information system core documentation • Provides identification of non-compliance of security requirements • Validates the security requirements of the information system • Verify and validate that the system meets the security requirements • Execute and conduct analysis of network and systems • Develop security assessment plans and assessment reports • Develop Security Assessment Plan (SAP) • Adhere to the approved SAP • Develop security assessment report (SAR) • Develop / update system qualitative risk assessment reports (RAR) • Develop recommendation report aiding in Plan of Action and Milestone (POA&M) development • Develop security assessment executive summary documents • Enter assessment data the Cyber Security Assessment and Management (CSAM) database • Provide presentations, reports, evaluations, reviews, meeting minutes and working papers as requested • Apply MARAD/DOT A&A guidance and policy • Actively work with the designated Information Systems Security Manager ISSM • Performs other job-related duties as assigned


