Cyber Security Engineer, Mid-Sr.

Overview

GovCIO is seeking an experienced Cyber Security Engineer to lead and enhance our organization's corporate cybersecurity program. This role is pivotal in safeguarding our digital assets, ensuring compliance with industry standards, driving the adoption of cutting-edge security practices and providing technical and process guidance to delivery organizations. This position will be located in Fairfax, VA and will be an onsite or fully remote position within the United States.

Responsibilities

Correlates threat data from various sources to establish the identity and modus operandi of hackers active in the company's networks and posing a potential threat. Provides assessments and reports facilitating situational awareness and understanding of current cyber threats and adversaries. Develops cyber threat profiles based on geographic region, country, group, or individual actors. Produces cyber threat assessments based on entity threat analysis. May provide computer forensic and intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments. Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption.

KEY DUTIES AND RESPONSIBILITIES:

• Design, implement, and oversee the company's comprehensive cybersecurity program, aligning with business objectives and regulatory requirements.
• Lead internal program(s) to ensure the organization achieves and/or maintains critical cybersecurity certifications (e.g., ISO 27001, CMMC, etc).
• Develop and enforce security policies, procedures, and protocols to protect digital infrastructure from threats and vulnerabilities.
• Lead incident response efforts, including the identification, containment, and remediation of security breaches. Collaborate with intrusion analysts, engineers, legal, technology partners and federal agencies to identify, report on, and coordinate remediation of cyberthreats.
• Collaborate with cross-functional teams to integrate security into system designs and business processes.
• Leverage technical knowledge of computer systems and networks with cyber threat information to assess the company's security posture.
• Conduct intelligence analysis to assess intrusion signatures, tactics, techniques and procedures associated with preparation for and execution of cyber-attacks.
• Research hackers, hacker techniques, vulnerabilities, exploits, and provide detailed briefings and intelligence reports to leadership.

Qualifications

Bachelor's with 8+ years (or commensurate experience)

Required Skills and Experience

• CISSP certification or higher
• Experience with corporate cyber security certification requirements and programs
• Strong technical understanding of network and computing architectures
• Experience with vulnerability identification and management solutions
• Experience with identify management solutions and SIEM software
• Relevant expertise/skills needed:
  • Threat Hunting, Threat Detection & Incident Response (TDIR)
    Expertise in hunting for IOC prior to detection or alerting. Wide ranging experience identifying, analyzing, and responding to threats using SIEM, EDR, and SOAR tools (e.g., Rapid7 InsightIDR). Ability to lead investigations, incident responses and post-incident reviews.
  • Communication & Documentation
    Strong written and verbal communication skills. Ability to document procedures, write incident reports, and explain technical issues to non-technical stakeholders.
  • Security Architecture & Engineering
    Ability to design and implement secure infrastructure across on-prem, hybrid, and cloud environments (Azure, AWS). Familiarity with zero trust, segmentation, and secure baselines.
  • Vulnerability Management & Pen Testing
    Skilled in scanning, prioritizing, and remediating vulnerabilities. Experience with tools like Rapid7 InsightVM (Nexpose), Nessus, and Qualys, and knowledge of CVSS scoring and exploit chains.
  • Governance, Risk & Compliance (GRC)
    Working knowledge of NIST, ISO 27001, CIS Controls, and regulatory requirements such as CMMC and FedRamp. Ability to support audits, write policies, and conduct risk assessments.
  • Cloud Security
    Hands-on experience securing cloud

Preferred Skills and Experience

• CISSP-ISSAP or -ISSEP certification
• Experience with implementing zero-trust architecture
• Experience with cloud service security solutions
• Experience leading enterprise-wide security strategies and road maps
• Knowledge of secure coding practices

Clearance Required: The ability to obtain and maintain a Top Secret Clearance. Not needed initially but may need to acquire.

Company Overview

GovCIO is a team of transformers--people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens.

But we can't do it alone. We need great people to help us do great things - for our customers, our culture, and our ability to attract other great people. We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer?

What You Can Expect

Interview & Hiring Process

If you are selected to move forward through the process, here's what you can expect:

• During the Interview Process
  • Virtual video interview conducted via video with the hiring manager and/or team
  • Camera must be on
  • A valid photo ID must be presented during each interview

• During the Hiring Process
  • Enhanced Biometrics ID verification screening
  • Background check, to include:
    • Criminal history (past 7 years)
    • Verification of your highest level of education
    • Verification of your employment history (past 7 years), based on information provided in your application

Employee Perks

At GovCIO, we consistently hear that meaningful work and a collaborative team environment are two of the top reasons our employees enjoy working here. In addition, our employees have access to a range of perks and benefits to support their personal and professional well-being, beyond the standard company offered health benefits, including:

• Employee Assistance Program (EAP)
• Corporate Discounts
• Learning & Development platform, to include certification preparation content
• Training, Education and Certification Assistance*
• Referral Bonus Program
• Internal Mobility Program
• Pet Insurance
• Flexible Work Environment

*Available to full-time employees

Our employees' unique talents and contributions are the driving force behind our success in supporting our customers, which ultimately fuels the success of our company. Join us and be a part of a culture that invests in its people and prioritizes continuous enhancement of the employee experience.

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran. EOE, including disability/vets.

Posted Pay Range

The posted pay range, if referenced, reflects the range expected for this position at the commencement of employment, however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, education, experience, and internal equity. The total compensation package for this position may also include other compensation elements, to be discussed during the hiring process. If hired, employee will be in an "at-will position" and the GovCIO reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, GovCIO or individual department/team performance, and market factors.

Posted Salary Range

USD $125,000.00 - USD $155,000.00 /Yr.