Security Engineer- 5 days onsite Reston, VA

Security Engineer

The Security Engineer plays a key role in safeguarding the organization's digital assets by identifying, analyzing, and mitigating cybersecurity threats. This position is responsible for implementing advanced security controls, monitoring network activity, and responding promptly to security incidents. Working closely with IT and security teams, the engineer helps strengthen the organization's overall security posture and ensures the protection of critical systems and sensitive data from potential breaches.

The company is located in Reston, VA and will be 5 days onsite.

What You Will Be Doing:

• Design, implement, and manage security solutions to safeguard IT infrastructure and sensitive data.
• Oversee Security Operations Center (SOC) functions, including real-time monitoring, alert analysis, and incident triage.
• Conduct risk assessments and lead incident response activities, including investigation, containment, and remediation.
• Develop, implement, and enforce security policies, procedures, and best practices.
• Perform vulnerability assessments and penetration testing to identify and mitigate potential security risks.
• Deploy, configure, and manage EDR/XDR solutions to detect and respond to endpoint threats across the enterprise.
• Investigate security breaches, analyze root causes, and apply corrective actions to prevent recurrence.
• Collaborate with IT teams to ensure secure configurations across networks, servers, and endpoints.
• Recommend, implement, and maintain security tools such as firewalls, IDS/IPS, and endpoint protection platforms.
• Stay informed on emerging cybersecurity threats, evolving best practices, and regulatory compliance changes.
• Manage and optimize Office 365 security configurations, ensuring effective access controls, monitoring, and threat detection.
• Promote organization-wide cybersecurity awareness through staff training and education initiatives.
• Maintain thorough documentation of security incidents, response procedures, and lessons learned for continuous improvement.

Required Skills & Experience:

• Deep understanding of cybersecurity principles, threat landscapes, and security frameworks.
• Hands-on experience with security technologies, including SIEM platforms, firewalls, antivirus, and endpoint protection tools.
• Proven ability to detect, analyze, and respond to security incidents effectively.
• Knowledge of network protocols, encryption methods, and cloud security practices.
• Strong risk assessment and mitigation planning capabilities.
• Scripting or programming skills (e.g., Python, PowerShell) are a plus.
• Excellent analytical thinking, problem-solving, and decision-making skills.
• Strong communication and interpersonal skills with the ability to collaborate across teams.
• Familiarity with regulatory and compliance standards (e.g., NIST, ISO 27001, GDPR).

• Bachelor's degree in Computer Science, Information Security, or a related discipline (or equivalent work experience).
• Professional certifications such as CISSP, CISM, CEH, GCIH, or Security+ are preferred.
• 3-5 years of hands-on experience in cybersecurity, SOC operations, or network security.
• In lieu of a degree, 10+ years of relevant experience (including required management experience) may be considered equivalent.

Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn't provide sponsorship.