Senior Security/Threat Engineer

Overview

DecisionPoint seeks a Senior Security/Threat Engineer to provide senior-level leadership and advanced expertise across enterprise cybersecurity monitoring, threat detection, vulnerability management, and incident response for systems supporting a federal and DoD-aligned mission environment. This position oversees threat intelligence integration, SIEM analytics, log correlation, ACAS/Nessus scanning, STIG validation, patch compliance verification, and execution of the Continuous Monitoring Plan.

The Senior Security/Threat Engineer plays a critical role in detecting, analyzing, and responding to sophisticated threats while ensuring continuous risk reduction and cybersecurity readiness across mission applications, cloud workloads, and enterprise platforms.

This position is fully remote.

Note: By applying to this position, you acknowledge and consent to having your resume included in an active competitive government contract bid.

Duties & Responsibilities

The Senior Security/Threat Engineer will:

• Lead enterprise threat monitoring, detection engineering, and cybersecurity analytics functions.

• Oversee ACAS/Nessus scanning operations, vulnerability trending, severity analysis, and remediation coordination.

• Manage SIEM alerting, log correlation, advanced query development, and threat detection tuning.

• Conduct threat hunting activities to identify anomalous behavior, emerging threats, or latent indicators of compromise.

• Validate STIG implementation, patch compliance, and secure configuration baselines across systems.

• Execute and maintain the Continuous Monitoring Plan including scanning schedules, reporting cycles, and compliance verification.

• Develop detection rules, dashboards, and analytic models to strengthen situational awareness and reduce dwell time.

• Support incident response activities including triage, containment, forensic review, and corrective action planning.

• Provide risk-based recommendations to engineering teams based on identified vulnerabilities, misconfigurations, or threat trends.

• Produce threat intelligence summaries, vulnerability reports, and continuous monitoring deliverables for government stakeholders.

• Coordinate with cloud engineers, ISSOs, DevSecOps teams, and cybersecurity analysts to maintain a secure operational posture.

• Improve automation for monitoring, scanning, log analysis, and cybersecurity reporting.

• Mentor junior analysts and strengthen enterprise detection and response capabilities.

Qualifications

Clearance Requirement

Must hold an active Top Secret clearance, supported by a Tier 5 background investigation.

Education (Required)

Bachelor's degree in Computer Science, Cybersecurity, Engineering, Information Technology, or a related field.

Experience (Required)

• Minimum 10 years of experience in cybersecurity, threat detection, or vulnerability management.

• Experience leading enterprise monitoring, threat analysis, SIEM operations, or vulnerability programs.

• Experience conducting ACAS/Nessus scans, validating STIG compliance, and verifying patch levels.

• Experience performing threat hunting, log analysis, and incident response activities.

• Experience developing detection rules, analytic patterns, or SIEM dashboards.

• Experience coordinating across cloud, operations, and engineering teams to remediate high-risk findings.

Technical Knowledge (Required)

• Deep understanding of SIEM platforms, log analytics, threat detection, and correlation techniques.

• Strong knowledge of ACAS, Nessus scanning, STIG requirements, and vulnerability remediation workflows.

• Understanding of NIST SP 800-53, RMF continuous monitoring requirements, and DoD cybersecurity directives.

• Experience with cloud-native security monitoring tools and continuous monitoring environments.

• Knowledge of network security, behavioral analytics, and threat-hunting methodologies.

Technical Knowledge (Preferred)

• Experience with AWS cloud security services and AWS Security certifications.

• Familiarity with MITRE ATT&CK, cyber kill chain analysis, or adversary emulation techniques.

• Experience with container security, Kubernetes monitoring, or cloud-native workload protections.

• Knowledge of SOAR tools or automation workflows for monitoring and response.

Certifications

Required:

• CISSP or CCSP or Security+

Preferred:

• AWS Security Specialty

• GIAC certifications (GCIH, GCIA, GDAT, GCDA, or similar)

• CISM

Skills

• Strong analytical and investigative skills for identifying, triaging, and responding to threats.

• Excellent communication skills for presenting threat summaries and vulnerability findings to stakeholders.

• Ability to lead monitoring and vulnerability management programs with minimal oversight.

• Strong attention to detail and precision in security data analysis and documentation.

• Ability to manage multiple priorities and respond rapidly in a mission-critical environment.

Our Equal Employment Opportunity Policy

• EEO and Affirmative Action Policy: DecisionPoint Corporation is an Equal Employment Opportunity and Affirmative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity/Affirmative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws.
• Pay Transparency Policy: In accordance with Presidential Executive Order 13665, DecisionPoint Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.
• Authorization to Share Resume and Personal Information: By expressing your interest and submitting your resume for this position, you authorize DecisionPoint Corporation to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should DecisionPoint Corporation. or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.