Job Description
Everforth ECS is seeking a Security Engineer to work in our Portland, OR office.
Please Note: This position is contingent upon contract award.
The Security Engineer supports the design, implementation, configuration, and maintenance of cybersecurity technologies, controls, and secure infrastructure capabilities across enterprise systems and security operations environments. This role helps ensure that systems, applications, networks, endpoints, and cloud environments are protected, monitored, hardened, and aligned with organizational security requirements.
The ideal candidate has hands-on experience implementing and supporting security tools, troubleshooting technical security issues, applying secure configuration standards, and collaborating with SOC analysts, system administrators, network engineers, control assessors, and program stakeholders to improve the organization's security posture.
Key Responsibilities
Security Engineering & Implementation
- Implement, configure, maintain, and support cybersecurity technologies, tools, platforms, and technical security controls.
- Assist with engineering secure solutions for enterprise systems, networks, endpoints, cloud environments, applications, and operational support platforms.
- Support security architecture decisions by providing implementation input, technical feasibility analysis, and operational considerations.
- Apply security engineering practices across the system lifecycle, including planning, deployment, configuration, testing, operations, and sustainment.
System Hardening & Secure Configuration
- Apply secure configuration baselines, hardening standards, and technical control requirements to servers, endpoints, network devices, applications, and cloud services.
- Review system configurations, permissions, authentication settings, logging settings, encryption settings, and access controls for alignment with security requirements.
- Support implementation of vulnerability remediation, configuration changes, patching activities, and risk reduction measures in coordination with system owners.
- Validate that security controls are operating as intended and support remediation when control gaps or technical weaknesses are identified.
Security Tool Support & Integration
- Support deployment, tuning, and sustainment of tools such as SIEM, EDR, vulnerability scanners, firewalls, IDS/IPS, email security, identity security, logging, and monitoring platforms.
- Integrate security tools with enterprise systems, data sources, ticketing systems, dashboards, identity platforms, and incident response workflows.
- Troubleshoot tool performance, connectivity, data collection, alerting, agent health, policy enforcement, and integration issues.
- Coordinate with SOC analysts, Splunk engineers, threat hunters, and system administrators to ensure security tooling supports monitoring, investigation, and response requirements.
Vulnerability, Risk & Remediation Support
- Analyze vulnerability scan results, configuration findings, security alerts, and control weaknesses to support prioritization and remediation planning.
- Work with technical teams to identify root causes, validate remediation options, and confirm closure of vulnerabilities or security findings.
- Support risk treatment activities by documenting technical constraints, compensating controls, residual risk, and remediation status.
- Assist control assessors and assessment leads by providing technical evidence, configuration details, screenshots, logs, and implementation explanations.
Incident Response & Operational Support
- Provide technical engineering support during security incidents, investigations, containment activities, eradication efforts, and recovery actions.
- Assist with log collection, tool validation, endpoint or network containment actions, access changes, system isolation, and forensic preservation activities as directed.
- Develop and maintain scripts, queries, automation, and repeatable procedures to improve security operations and engineering response efficiency.
- Participate in after-action reviews and support implementation of technical improvements based on incident lessons learned.
Documentation, Standards & Continuous Improvement
- Develop and maintain technical documentation, configuration standards, diagrams, implementation guides, runbooks, and operational procedures.
- Support change management, configuration management, asset documentation, and security engineering governance processes.
- Recommend improvements to security tools, engineering processes, baselines, automation, monitoring coverage, and technical control implementation.
- Stay current with emerging threats, security technologies, hardening guidance, and engineering best practices relevant to enterprise security environments.
Required Skills
- 3-5 years of experience in cybersecurity engineering, security operations, systems administration, network administration, cloud security, or related technical security roles.
- Hands-on experience implementing, configuring, or supporting security tools, technical controls, secure configurations, and enterprise security technologies.
- Working knowledge of Windows, Linux, networking, identity and access management, endpoint security, logging, vulnerability management, and common security architectures.
- Experience applying security requirements, hardening standards, vulnerability remediation guidance, and configuration baselines across technical environments.
- Ability to troubleshoot technical security issues involving systems, networks, applications, integrations, agents, logs, policies, and monitoring tools.
- Familiarity with cybersecurity frameworks, standards, and best practices such as NIST, CIS Controls, DISA STIGs, ISO 27001, or organizational security baselines.
- Strong documentation, communication, collaboration, and problem-solving skills.
Desired Skills
- Experience supporting SOC, incident response, vulnerability management, compliance, or security engineering programs in enterprise or mission-critical environments.
- Experience with SIEM, EDR, firewalls, IDS/IPS, vulnerability scanners, cloud security tools, identity platforms, scripting, APIs, or automation tools.
- Experience in regulated or compliance-driven environments such as government, defense, finance, healthcare, critical infrastructure, or large enterprise programs.
- Familiarity with cloud platforms such as AWS, Azure, or Google Cloud and related security services, logging, monitoring, and identity controls.
- Experience supporting technical evidence collection for assessments, audits, authorization activities, or remediation tracking.
- Certifications such as Security+, CySA+, GSEC, GCIA, GCIH, SSCP, CISSP, CCNA, AWS, Azure, or equivalent technical or security credentials.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis of any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
Everforth ECS is the federal segment of Everforth, a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
- Attracting and developing top talent and high-performing teams
- Fostering a culture that is engaging, accountable, and mission-driven
Meet the challenge. Make a difference with Everforth ECS!