Security Engineer II

What You’ll Do

• Execute monthly FedRAMP Continuous Monitoring activities, ensuring timely and accurate completion of deliverables

• Maintain and update Plans of Action and Milestones (POA&Ms), including tracking remediation progress and validating closure

• Review and analyze vulnerability scan results (e.g., Nessus) and assist with prioritization and escalation

• Maintain an accurate, up-to-date view of vulnerability status across the environment

• Track vulnerabilities through the full lifecycle: identification, validation, remediation, and closure

• Monitor and report on aging vulnerabilities and SLA adherence

• Ensure consistency between scan results, ticketing systems (e.g., ServiceNow), and POA&M records

Operational Visibility & Monitoring

• Maintain continuous operational visibility into the security posture of FedRAMP systems, including vulnerabilities, assets, and control status

• Validate that security-relevant data (scan results, logs, asset inventory, and tracking systems) is complete, accurate, and aligned across sources

• Identify gaps in visibility (e.g., missing assets, incomplete scan coverage, inconsistent data) and escalate appropriately

• Support continuous monitoring activities aligned with FedRAMP and NIST 800-137 (ISCM) expectations

• Assist in ensuring that logging, monitoring, and security tooling provide sufficient coverage to support ongoing risk awareness and audit readiness

Additional Responsibilities

• Prepare and maintain audit-ready documentation and ConMon artifacts, including monthly summaries

• Partner with engineering, cloud, and security teams to support timely remediation efforts

• Assist with annual assessments and audit preparation, including coordination with internal and external auditors

• Identify recurring issues or trends and escalate to the senior lead for resolution

What We’re Looking For

• 2–4 years of experience in cybersecurity, vulnerability management, or compliance operations

• Exposure to FedRAMP, NIST 800-53, or similar security frameworks

• Hands-on experience working with vulnerability scanning tools (e.g., Nessus, Qualys)

• Experience tracking vulnerabilities or security findings in a ticketing or tracking system (e.g., ServiceNow, Jira)

• Strong organizational skills with the ability to manage and track large volumes of findings accurately

• High attention to detail and commitment to maintaining data accuracy and consistency

• Ability to identify and investigate discrepancies across multiple data sources

• Understanding of the importance of continuous monitoring, system visibility, and audit readiness in regulated environments

• Strong written and verbal communication skills, with the ability to clearly convey status and risk

• Ability to work independently while collaborating closely with a senior lead and cross-functional teams

• BS Engineering/Computer Science or equivalent experience required

Nice to Have

• Experience with FedRAMP Continuous Monitoring processes or reporting

• Familiarity with POA&M management and audit support activities

• Exposure to logging, monitoring, or SIEM platforms

• Experience improving workflows through automation or scripting (e.g., PowerShell, Python, Power Automate)

What Success Looks Like

Success in this role means maintaining a clear, accurate, and continuously updated view of system security posture, ensuring that:

• Vulnerability status is consistently tracked and reported

• Security data is aligned across tools and reporting artifacts

• ConMon deliverables are completed on time

• The environment remains audit-ready with strong operational visibility and minimal surprises

This role requires comfort working in a structured, compliance-driven environment with recurring monthly deliverables and a strong focus on consistency and detail.

Additional Requirements

• U.S. Citizenship required

• Must meet IAL2 (Identity Assurance Level 2) requirements

• This is a hybrid position

We know your well-being and happiness are key to a long and successful career. We are delighted to offer country specific benefits. Click here to access benefits specific to your location.

We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact 1-855-833-5120.

Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here.

Please read our Candidate Privacy Policy.

We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.

USA Job Seekers:

EEO Know Your Rights.