Remediation Engineer

RESPONSIBILITIES:
Kforce has a client in Austin, TX that is seeking a Remediation Engineer.

Summary:
The CISO Remediation Team is looking to add a cybersecurity Remediation Engineer as part of the overall Cyber Defense organization. In this role, you will contribute to and, over time, drive the technical resolution of security risk across the enterprise, operating at the intersection of security operations, engineering, and architecture. You will help teams recover from incidents, remediate vulnerabilities, and implement durable, scalable security improvements.

Depending on the engagement and experience level, you may remediate issues directly, partner with engineering teams to drive fixes, or design repeatable remediation patterns. This role is not a primary SOC, detection, or application security pipeline ownership role, but partners closely with those teams to drive remediation outcomes.

Areas of specialization may include:
* Scripting, Automation & Infrastructure as Code: Python, Ansible, Terraform, or similar tooling
* Cloud & Virtualized Environments: IBM Cloud, AWS, Azure, Google Cloud Platform; virtualization and container platforms
* Operating Systems & Networking: Windows or Linux; network segmentation, SDN, and isolation techniques
* Security Technologies: EDR, NGFW, IDS, SIEM, SOAR, and related platforms

Key Duties:
* Support containment, recovery, and post-incident remediation by identifying root causes and implementing technical fixes that reduce recurrence
* Partner with product, engineering, and infrastructure teams to embed security within existing practices
* Conduct security and risk assessments of applications, platforms, and infrastructure, including threat modeling and targeted technical review
* Apply security principles to protect systems and data, ensuring availability, authentication, authorization, confidentiality, and integrity

REQUIREMENTS:
* Ability to work independently or as part of a team while operating effectively in ambiguous, fast-moving environments
* Strong problem-solving skills with attention to detail and a proactive mindset
* Strong interpersonal and communication skills with the ability to work effectively across engineering, security, and business teams; and explain technical remediation steps to non-technical stakeholders
* Ability to collaborate effectively and, with experience, influence remediation outcomes across federated teams
* Experience conducting security reviews and translating findings into actionable engineering guidance
* Experience applying and maintaining secure configurations across systems, networks, or applications
* Ability to leverage AI tools to accelerate triage, remediation recommendations, and incident response, with appropriate human review and judgement
* Knowledge of vulnerability management, common attack patterns, and mitigation techniques. (e.g., OWASP Top 10, MITRE ATT&CK)

Preferred Technical and Professional Expertise:
* Certifications are a plus but not required; hands-on experience is valued most. (e.g., CISSP, CISM, OSCP, SANS, cloud security certifications)
* 4-8 years of experience in security engineering or adjacent engineering roles. (e.g., networking, infrastructure, cloud, or application development)
* Experience supporting incident response or post-incident remediation
* Experience with cloud platforms, CI/CD pipelines, containerization, and Kubernetes
* Experience using automation and AI to reduce mean time to remediation (MTTR)
* Familiarity with Agile development environments
* Foundational understanding of cybersecurity frameworks and regulations and how they inform risk-based remediation decisions. (e.g., NIST CSF, NIST 800-series, ISO 27001, PCI)

The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.

We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.

Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.

This job is not eligible for bonuses, incentives or commissions.

Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

By clicking ?Apply Today? you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.