Job Title: Security Engineer
Location: Reston, VA – TechSur HQ Office (3x/week)
Salary: DOE + full benefits
Clearance: Active Public Trust
Company Overview
TechSur Solutions is a digital services company whose mission is to enable digital transformation for our customers to improve quality and efficiency. Based in the DC metropolitan area, TechSur specializes in advanced cloud services, modernization for both IT structures and applications, leveraging Agile development, and Data Analytics. Since we were formed in August of 2016, we have supported multiple impactful and exciting government programs.
Job Description
We are seeking skilled Security Engineers to support a civilian federal agency by engineering, implementing, and operating enterprise and cloud security controls. The role will leverage your skills in identity-centric security, Zero Trust Architecture, and public key–based authentication, while also supporting vulnerability management, patching, incident response, and federal compliance requirements.
Key Responsibilities:
- Implement, and operate ICAM solutions, including identity lifecycle management, authentication, authorization, and access governance.
- Implement Zero Trust Architecture in alignment with NIST SP 800-207, emphasizing continuous verification, least privilege, and identity-based access.
- Deploy and support SASE / SSE capabilities, including ZTNA, Secure Web Gateway, CASB, and Firewall-as-a-Service.
- Support PIV smart card and certificate-based authentication across users, device, application, and cloud environments.
- Operate, and maintain PKI and certificate management services, including certificate issuance, renewal, revocation, and automation.
- Engineer and secure cloud environments (AWS, Azure, or Google Cloud Platform), focusing on identity, networking, logging, and secure configurations.
- Perform vulnerability scanning, risk prioritization, and coordination of remediation activities.
- Support patch management efforts by validating system configurations and verifying remediation of security findings.
- Monitor security and identity events using SIEM and related tools; investigate and respond to security incidents.
- Participate in incident response activities, including alert triage, investigation, containment, eradication, and recovery.
- Develop and maintain incident response playbooks, runbooks, and post-incident documentation.
- Develop and maintain security engineering documentation, standards, and operational runbooks.
- Collaborate with IT, cloud, and application teams to integrate security controls into system designs and CICD pipelines.
- Provide compliance and audit support, including technical evidence for ATO, continuous monitoring, and remediation activities.
Required Skills
- Proven experience in identifying and remediating vulnerabilities in both Linux and Windows environments with a strong understanding of compliance requirements.
- Strong understanding of cloud security frameworks and best practices, including NIST, CIS, and ISO 27001.
- Proficiency in using security tools such as Nessus, ORCA, AWS Security Hub, Azure Security Center, Google Cloud Security Command Center, and other vulnerability scanning tools.
- Familiarity with Red Hat Satellite server, WSUS, IBM BigFix or other similar toolsets.
- Knowledge of scripting languages such as Python, Bash, PowerShell, Ansible for automation of security remediation tasks.
- Excellent problem-solving skills and the ability to work under pressure in a fast-paced environment.
- Strong communication and interpersonal skills, with the ability to explain complex security issues to technical and non-technical stakeholders.
Desired Skills
- Experience with IAM / ICAM platforms, identity federation (SAML, OAuth 2.0, OpenID Connect), and privileged access management.
- Hands-on experience implementing Zero Trust and/or SASE/SSE solutions.
- Strong knowledge of PIV/CAC, MFA, and certificate-based authentication.
- Practical experience with PKI, X.509 certificates, CRLs/OCSP, TLS, and key management.
- Experience securing cloud environments and integrating identity-centric controls.
- Knowledge of vulnerability management and patch management processes and tools.
- Familiarity with NIST SP 800-53, 800-63, and 800-207, and FISMA requirements.
- Ability to automate security and certificate lifecycle tasks using scripting tools.
- Strong written and verbal communication skills.
- Desire to work in a SAFe environment to support efficient delivery
Additional Requirements:
- Must be able to obtain public trust prior to starting work.
- Excellent interpersonal and communication skills, both written and verbal.
- Commitment to following stringent security protocols.
- Well-organized, with a high level of attention to detail and the ability to prioritize tasks.
Education
- Bachelor’s degree in computer science, Information Technology.
Never miss an opportunity! Create an alert based on the job you applied for.
