Senior Cybersecurity Engineer- Hybrid Alexandria, VA

Arlington, VA, US • Posted 30+ days ago • Updated 9 hours ago

Full Time

On-site

$100000 - $155000/yr

Motion Recruitment Partners, LLC

Fitment

Dice Job Match Score™

✨ Finding the perfect fit...

Job Details

Skills

Reporting
KPI
Dashboard
Leadership
Auditing
ISO/IEC 27001:2005
SaaS
Amazon Web Services
Microsoft Azure
Government Contracts
Vulnerability Management
Penetration Testing
Business Continuity Planning
Disaster Recovery
Incident Management
Mentorship
Collaboration
Cloud Computing
Migration
Due Diligence
Request For Proposal
IT Security
Privacy
Supply Chain Management
Risk Management
Documentation
Business Development
Security Controls
Computer Science
Cyber Security
Security+
CISSP
Cisco Certifications
CISM
NIST SP 800 Series
NIST 800-53
Risk Management Framework
RMF
DoD
Regulatory Compliance
FedRAMP
Authorization
Microsoft Office
Vulnerability Scanning
Nessus
Qualys
Analytical Skill
Information Gathering
Management
Communication
SAP BASIS

Summary

Senior Cybersecurity Engineer- Compliance & Risk Management

This role is responsible for managing multiple regulatory frameworks-CMMC, FedRAMP, SCRM, NIST 800-171/53, and ISO 27001:2022-across hybrid cloud environments. You will lead a small team of junior engineers performing vulnerability assessments and security scanning, build and maintain security documentation and policies, respond to time-sensitive client security requests, and coordinate third-party audits.

The company is located in Alexandria, VA and will be a hybrid model of 3 days onsite a week.

What You Will Be Doing:

Lead enterprise cybersecurity compliance programs (CMMC, FedRAMP, SCRM, NIST frameworks, ISO 27001:2022).
Own monthly compliance reporting and KPI dashboards for executive leadership.
Plan, coordinate, and support third-party audits (NIST 800-171, CMMC, ISO 27001, FedRAMP), including follow-up remediation activities.
Maintain and organize compliance evidence repositories and SaaS-based control implementations.
Evaluate, recommend, and implement security controls across AWS, Azure, and Office 365 environments and supported applications.
Oversee Risk Management Framework (RMF) processes for government contracts and DoD-facing applications (including ATO/IATT/IATO documentation).
Run weekly POA&M reviews and monthly security assessments.
Develop, update, and enforce security policies, procedures, and technical standards.
Lead vulnerability management efforts and coordinate security assessments and penetration testing.
Manage the business continuity/COOP program, including disaster recovery and crisis response planning.
Direct incident response activities and lead investigations of security events.
Mentor, coach, and manager of junior cybersecurity engineers and analysts.
Serve as a primary interface with federal agencies, auditors, and compliance assessors.
Collaborate with system architects to define and implement security requirements for existing workloads, cloud migrations, and hybrid environments.
Own completion of customer cybersecurity questionnaires and due diligence requests under tight deadlines.
Partner with the Contracts division on RFP responses related to IT security, controls, data privacy, and regulatory compliance.
Support implementation and ongoing management of the cybersecurity supply chain risk management (C-SCRM) program.
Develop compliance documentation and security narratives for proposals and business development efforts.
Act as a subject matter expert on internal security controls, frameworks, and regulations.

Required Skills & Experience:

Bachelor's degree in Cybersecurity, Computer Science, or a related discipline; equivalent experience may be considered in lieu of a degree.
7+ years of experience in cybersecurity engineering and compliance.
5+ years of enterprise experience leading risk and compliance initiatives involving multiple security frameworks.
Security+ certification (or ability to obtain within 6 months); CISSP, CCSP, or CISM preferred.
Deep, hands-on experience with NIST 800-171, NIST 800-53, RMF, and DoD compliance frameworks.
Practical experience with CMMC and FedRAMP authorization processes.
Proficiency with Office 365 security configuration and administration.
Experience with vulnerability scanning platforms (e.g., ACAS, Nessus, Rapid7, Qualys, or similar).
Strong analytical, investigative, and information-gathering skills and the ability to manage multiple concurrent tasks under tight deadlines.
Excellent written and verbal communication skills for engaging stakeholders at all levels.

Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn't provide sponsorship.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 10105282
Position Id: 801492
Posted 30+ days ago

Company Info

About Motion Recruitment Partners, LLC

Motion Recruitment delivers IT Talent Solutions for Contract, Direct Hire, Managed Solutions and Statement of Work to all of North America from our 21 delivery centers. Our high-touch, specialized, team-based recruitment model’s success is proven through our exemplary track record in filling the most challenging IT positions for startup and enterprise clients alike. Our hyper-specialized tech focus results in a truly consultative approach for both our clients and candidates, within our recruiting areas of expertise: Software, Mobile, Data, Infrastructure, Cybersecurity, Product + UX and Functional.

Motion also delivers IT Consulting Solutions through the Motion Consulting Group (MCG) that create true digital transformation for IT projects in Agile Development & Coaching, DevOps & DevSecOps Solutions, and Managed Services for IT Operations.

We’re also the proud creators of Tech in Motion and the Timmy Awards, our North American community platform, events series and award program that connects over 250,000 tech enthusiasts to meet, learn, and innovate.

Go to company profile

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.