Security Engineer

Job Description

ECS is seeking a Security Engineer to work Remotely.

The Security Engineer will play a critical role in supporting the modernization of federal information technology systems while ensuring the highest standards of cybersecurity and compliance. This position requires an experienced professional who can navigate complex federal security requirements, implement robust security controls, and support the transformation of legacy systems to modern, cloud-enabled architectures. The Security Engineer will work closely with cross-functional teams including system architects, developers, operations staff, and federal stakeholders to embed security throughout the modernization lifecycle.

This role demands expertise in both traditional federal security frameworks and emerging technologies, with a focus on enabling secure digital transformation while maintaining compliance with federal regulations and standards. The successful candidate will contribute to reducing cybersecurity risks while accelerating the delivery of modernized IT capabilities to support critical government missions.

Responsibilities

Security Architecture & Design

• Design and implement security architectures for modernized federal IT systems, including cloud-native and hybrid environments

• Conduct security assessments and risk analyses for existing legacy systems and proposed modernization approaches

• Develop security controls and safeguards that meet federal compliance requirements (FISMA, FedRAMP, NIST frameworks)

• Create and maintain security documentation including System Security Plans (SSPs), security control assessments, and Authority to Operate (ATO) packages

Compliance & Risk Management

• Ensure adherence to federal cybersecurity standards including NIST 800-53, FIPS 140-2, and agency-specific security requirements

• Support continuous monitoring and ongoing authorization processes for modernized systems

• Collaborate with federal Authorizing Officials and security teams throughout the ATO process

• Identify, assess, and develop mitigation strategies for security risks associated with system modernization

Technical Implementation

• Implement security tools and technologies including SIEM, vulnerability management, identity and access management, and encryption solutions

• Configure and manage security controls for cloud platforms (AWS GovCloud, Azure Government, Google Cloud for Government)

• Develop and maintain security automation scripts and Infrastructure as Code ( IaC ) security configurations

• Integrate security testing and scanning tools into CI/CD pipelines and DevSecOps processes

Collaboration & Communication

• Work with development teams to implement secure coding practices and conduct security code reviews

• Provide security guidance and consultation to project teams throughout the modernization process

• Coordinate with federal agency security personnel, compliance officers, and technical teams

• Present security findings, recommendations, and status updates to both technical and executive stakeholders

Salary Range: $120,000 - $145,000

General Description of Benefits

Required Skills

• U.S. Citizen
• Ability to obtain and maintain a DHS Public Trust suitability designation
• Bachelor's degree in Computer Science , Engineering, Information Systems, or related discipline (or equivalent experience)

• 5+ years in systems engineering for large-scale IT environments (federal experience preferred)
• Ability to obtain and maintain a DHS Public Trust suitability designation

Desired Skills

• Current Security+ certification

• Experience with federal cybersecurity frameworks (NIST 800-53, FISMA, FedRAMP)

• Hands-on experience with cloud security in AWS

• Knowledge of network security, encryption technologies, and identity management systems

• Experience with security assessment tools and vulnerability management platforms

• Understanding of DevSecOps principles and security integration in CI/CD pipelines

• Advanced security certifications (CISSP, CISM, GSEC, AWS Security Specialty, Azure Security Engineer)

• Experience supporting federal ATO processes and working with government security teams

• Knowledge of containerization security (Docker, Kubernetes) and microservices architectures

• Experience with infrastructure as code tools (Terraform, CloudFormation, Ansible)

• Familiarity with agile development methodologies and project management frameworks

• Previous experience on federal IT modernization or digital transformation initiatives

• Proficiency with security scanning tools (Nessus, Qualys, Rapid7, etc.)

• Experience with SIEM platforms (Splunk, ELK Stack, AWS Security Hub)

• Knowledge of scripting languages (Python, PowerShell, Bash)

• Understanding of network protocols, firewalls, and intrusion detection/prevention systems

• Familiarity with compliance automation tools and security orchestration platforms

• Strong analytical and problem-solving abilities

• Excellent written and verbal communication skills

• Ability to work effectively in cross-functional, collaborative environments

• Strong attention to detail and ability to manage multiple priorities

• Adaptability and willingness to learn new technologies and frameworks

• Professional demeanor suitable for interaction with federal personnel and stakeholders

#ECS1

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3300+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.